You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@zookeeper.apache.org by "Enrico Olivelli (Jira)" <ji...@apache.org> on 2020/01/12 11:55:00 UTC
[jira] [Updated] (ZOOKEEPER-3689) zkCli/ZooKeeperMain relies on
system properties for TLS config
[ https://issues.apache.org/jira/browse/ZOOKEEPER-3689?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Enrico Olivelli updated ZOOKEEPER-3689:
---------------------------------------
Issue Type: New Feature (was: Bug)
> zkCli/ZooKeeperMain relies on system properties for TLS config
> --------------------------------------------------------------
>
> Key: ZOOKEEPER-3689
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3689
> Project: ZooKeeper
> Issue Type: New Feature
> Components: security, server
> Affects Versions: 3.6.0, 3.5.5, 3.5.6
> Reporter: Ron Dagostino
> Priority: Major
>
> The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain, invoked via bin/zkCli.{bat,sh}) has no facility for accepting TLS client configuration (e.g. keystore/truststore location and password) except via system properties. System properties must be passed on the command line as "-D" arguments and are inherently not secure. There should be a way to pass the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more secure way (e.g. via a file).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)