You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@storm.apache.org by "Jungtaek Lim (JIRA)" <ji...@apache.org> on 2018/08/14 14:30:00 UTC

[jira] [Resolved] (STORM-3184) Storm supervisor log showing keystore and truststore password in plaintext

     [ https://issues.apache.org/jira/browse/STORM-3184?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jungtaek Lim resolved STORM-3184.
---------------------------------
       Resolution: Fixed
         Assignee: Arun Mahadevan
    Fix Version/s: 1.2.3
                   2.0.0

Thanks [~arunmahadevan], I merged into master and 1.x-branch.

> Storm supervisor log showing keystore and truststore password in plaintext
> --------------------------------------------------------------------------
>
>                 Key: STORM-3184
>                 URL: https://issues.apache.org/jira/browse/STORM-3184
>             Project: Apache Storm
>          Issue Type: Bug
>          Components: storm-core
>    Affects Versions: 1.1.1
>            Reporter: Arpit Khare
>            Assignee: Arun Mahadevan
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 2.0.0, 1.2.3
>
>          Time Spent: 2.5h
>  Remaining Estimate: 0h
>
> When we enable SSL for Apache storm, the superviosr log shows the keystore and truststore password in the plaintext
> log name : /var/log/storm/supervisor.log 
> {code}
> 2018-05-28 16:21:12.594 o.a.s.d.s.Supervisor main [INFO] Starting supervisor for storm version '1.1.1.3.1.1.0-35'. 
> 2018-05-28 16:21:12.595 o.a.s.d.s.Supervisor main [INFO] Starting Supervisor with conf {storm.messaging.netty.min_wait_ms=100, storm.zookeeper.auth.user=null, storm.messaging.netty.buffer_s 
> ize=5242880, client.jartransformer.class=org.apache.storm.hack.StormShadeTransformer, storm.exhibitor.port=8080, pacemaker.auth.method=NONE, ui.filter=null, worker.profiler.enabled=false 
> ui.https.key.password=pass123
> ui.https.keystore.password=pass123 
> {code}
> For the below properties created in custom-storm-site section in Ambari while enabling SSL. 
> {code}
> ui.https.key.password=pass123 
> ui.https.keystore.password=pass123
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)