You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by el...@apache.org on 2014/08/12 05:41:57 UTC
[1/5] git commit: ACCUMULO-3059 Allow configuration of truststore
password and root keystore password
Repository: accumulo
Updated Branches:
refs/heads/1.6.1-SNAPSHOT 10500f6da -> 011349e2d
refs/heads/master 63b3bdd8c -> ef0b27c1e
ACCUMULO-3059 Allow configuration of truststore password and root keystore password
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/384aa396
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/384aa396
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/384aa396
Branch: refs/heads/1.6.1-SNAPSHOT
Commit: 384aa396736b7ddeadf38d71d3f42afda7c4d0da
Parents: 10500f6
Author: Josh Elser <el...@apache.org>
Authored: Mon Aug 11 23:30:39 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Aug 11 23:30:39 2014 -0400
----------------------------------------------------------------------
.../MiniAccumuloClusterStartStopTest.java | 1 -
.../accumulo/test/functional/AbstractMacIT.java | 2 +-
.../apache/accumulo/test/util/CertUtils.java | 36 +++++++++++++-------
.../accumulo/test/util/CertUtilsTest.java | 6 ++--
4 files changed, 28 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
----------------------------------------------------------------------
diff --git a/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java b/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
index 9e38d09..b44868f 100644
--- a/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
+++ b/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
@@ -22,7 +22,6 @@ import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.ZooKeeperInstance;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.junit.After;
-import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
index 0c29dfd..4734558 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
@@ -101,7 +101,7 @@ public abstract class AbstractMacIT {
File publicTruststoreFile = new File(sslDir, "public-" + cfg.getInstanceName() + ".jks");
try {
new CertUtils(Property.RPC_SSL_KEYSTORE_TYPE.getDefaultValue(), "o=Apache Accumulo,cn=MiniAccumuloCluster", "RSA", 2048, "sha1WithRSAEncryption")
- .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), cfg.getRootPassword());
+ .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), "root_keystore_password", cfg.getRootPassword(), "");
} catch (Exception e) {
throw new RuntimeException("error creating MAC keystore", e);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java b/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
index b7614b8..552a332 100644
--- a/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
+++ b/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
@@ -92,11 +92,17 @@ public class CertUtils {
@Parameter(names = {"--keystore-type"}, description = "Type of keystore file to use")
String keystoreType = "JKS";
+ @Parameter(names = {"--root-keystore-password"}, description = "Password for root keystore, falls back to --keystore-password if not provided")
+ String rootKeystorePassword = null;
+
@Parameter(
names = {"--keystore-password"},
description = "Password used to encrypt keystores. If omitted, the instance-wide secret will be used. If specified, the password must also be explicitly configured in Accumulo.")
String keystorePassword = null;
+ @Parameter(names = {"--truststore-password"}, description = "Password used to encrypt the truststore. If omitted, empty password is used")
+ String truststorePassword = "";
+
@Parameter(names = {"--key-name-prefix"}, description = "Prefix for names of generated keys")
String keyNamePrefix = CertUtils.class.getSimpleName();
@@ -162,14 +168,20 @@ public class CertUtils {
String keyPassword = opts.keystorePassword;
if (keyPassword == null)
keyPassword = getDefaultKeyPassword();
+
+ String rootKeyPassword = opts.rootKeystorePassword;
+ if (rootKeyPassword == null) {
+ rootKeyPassword = keyPassword;
+ }
+
CertUtils certUtils = new CertUtils(opts.keystoreType, opts.issuerDirString, opts.encryptionAlg, opts.keysize, opts.signingAlg);
if ("generate-all".equals(operation)) {
- certUtils.createAll(new File(opts.rootKeystore), new File(opts.localKeystore), new File(opts.truststore), opts.keyNamePrefix, keyPassword);
+ certUtils.createAll(new File(opts.rootKeystore), new File(opts.localKeystore), new File(opts.truststore), opts.keyNamePrefix, rootKeyPassword, keyPassword, opts.truststorePassword);
} else if ("generate-local".equals(operation)) {
- certUtils.createSignedCert(new File(opts.localKeystore), opts.keyNamePrefix + "-local", "", opts.rootKeystore, "");
+ certUtils.createSignedCert(new File(opts.localKeystore), opts.keyNamePrefix + "-local", keyPassword, opts.rootKeystore, rootKeyPassword);
} else if ("generate-self-trusted".equals(operation)) {
- certUtils.createSelfSignedCert(new File(opts.truststore), opts.keyNamePrefix + "-selfTrusted", "");
+ certUtils.createSelfSignedCert(new File(opts.truststore), opts.keyNamePrefix + "-selfTrusted", keyPassword);
} else {
JCommander jcommander = new JCommander(opts);
jcommander.setProgramName(CertUtils.class.getName());
@@ -198,16 +210,16 @@ public class CertUtils {
this.signingAlgorithm = signingAlgorithm;
}
- public void createAll(File rootKeystoreFile, File localKeystoreFile, File trustStoreFile, String keyNamePrefix, String systemPassword)
- throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, OperatorCreationException, AccumuloSecurityException,
- NoSuchProviderException, UnrecoverableKeyException, FileNotFoundException {
- createSelfSignedCert(rootKeystoreFile, keyNamePrefix + "-root", systemPassword);
- createSignedCert(localKeystoreFile, keyNamePrefix + "-local", systemPassword, rootKeystoreFile.getAbsolutePath(), systemPassword);
- createPublicCert(trustStoreFile, keyNamePrefix + "-public", rootKeystoreFile.getAbsolutePath(), systemPassword);
+ public void createAll(File rootKeystoreFile, File localKeystoreFile, File trustStoreFile, String keyNamePrefix, String rootKeystorePassword,
+ String keystorePassword, String truststorePassword) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException,
+ OperatorCreationException, AccumuloSecurityException, NoSuchProviderException, UnrecoverableKeyException, FileNotFoundException {
+ createSelfSignedCert(rootKeystoreFile, keyNamePrefix + "-root", rootKeystorePassword);
+ createSignedCert(localKeystoreFile, keyNamePrefix + "-local", keystorePassword, rootKeystoreFile.getAbsolutePath(), rootKeystorePassword);
+ createPublicCert(trustStoreFile, keyNamePrefix + "-public", rootKeystoreFile.getAbsolutePath(), rootKeystorePassword, truststorePassword);
}
- public void createPublicCert(File targetKeystoreFile, String keyName, String rootKeystorePath, String rootKeystorePassword) throws NoSuchAlgorithmException,
- CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException {
+ public void createPublicCert(File targetKeystoreFile, String keyName, String rootKeystorePath, String rootKeystorePassword, String truststorePassword)
+ throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException {
KeyStore signerKeystore = KeyStore.getInstance(keystoreType);
char[] signerPasswordArray = rootKeystorePassword.toCharArray();
signerKeystore.load(new FileInputStream(rootKeystorePath), signerPasswordArray);
@@ -216,7 +228,7 @@ public class CertUtils {
KeyStore keystore = KeyStore.getInstance(keystoreType);
keystore.load(null, null);
keystore.setCertificateEntry(keyName + "Cert", rootCert);
- keystore.store(new FileOutputStream(targetKeystoreFile), new char[0]);
+ keystore.store(new FileOutputStream(targetKeystoreFile), truststorePassword.toCharArray());
}
public void createSignedCert(File targetKeystoreFile, String keyName, String keystorePassword, String signerKeystorePath, String signerKeystorePassword)
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java b/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
index eea9ac2..1e4e68a 100644
--- a/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
+++ b/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
@@ -62,7 +62,7 @@ public class CertUtilsTest {
File rootKeyStoreFile = new File(folder.getRoot(), "root.jks");
certUtils.createSelfSignedCert(rootKeyStoreFile, "test", PASSWORD);
File publicKeyStoreFile = new File(folder.getRoot(), "public.jks");
- certUtils.createPublicCert(publicKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD, "");
KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
keyStore.load(new FileInputStream(publicKeyStoreFile), new char[0]);
@@ -110,11 +110,11 @@ public class CertUtilsTest {
File rootKeyStoreFile = new File(folder.getRoot(), "root.jks");
certUtils.createSelfSignedCert(rootKeyStoreFile, "test", PASSWORD);
File publicRootKeyStoreFile = new File(folder.getRoot(), "publicroot.jks");
- certUtils.createPublicCert(publicRootKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicRootKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD, "");
File signedKeyStoreFile = new File(folder.getRoot(), "signed.jks");
certUtils.createSignedCert(signedKeyStoreFile, "test", PASSWORD, rootKeyStoreFile.getAbsolutePath(), PASSWORD);
File publicSignedKeyStoreFile = new File(folder.getRoot(), "publicsigned.jks");
- certUtils.createPublicCert(publicSignedKeyStoreFile, "test", signedKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicSignedKeyStoreFile, "test", signedKeyStoreFile.getAbsolutePath(), PASSWORD, "");
KeyStore rootKeyStore = KeyStore.getInstance(KEYSTORE_TYPE);
rootKeyStore.load(new FileInputStream(publicRootKeyStoreFile), new char[0]);
[2/5] git commit: ACCUMULO-3059 Allow configuration of truststore
password and root keystore password
Posted by el...@apache.org.
ACCUMULO-3059 Allow configuration of truststore password and root keystore password
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/384aa396
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/384aa396
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/384aa396
Branch: refs/heads/master
Commit: 384aa396736b7ddeadf38d71d3f42afda7c4d0da
Parents: 10500f6
Author: Josh Elser <el...@apache.org>
Authored: Mon Aug 11 23:30:39 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Aug 11 23:30:39 2014 -0400
----------------------------------------------------------------------
.../MiniAccumuloClusterStartStopTest.java | 1 -
.../accumulo/test/functional/AbstractMacIT.java | 2 +-
.../apache/accumulo/test/util/CertUtils.java | 36 +++++++++++++-------
.../accumulo/test/util/CertUtilsTest.java | 6 ++--
4 files changed, 28 insertions(+), 17 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
----------------------------------------------------------------------
diff --git a/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java b/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
index 9e38d09..b44868f 100644
--- a/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
+++ b/minicluster/src/test/java/org/apache/accumulo/minicluster/MiniAccumuloClusterStartStopTest.java
@@ -22,7 +22,6 @@ import org.apache.accumulo.core.client.Connector;
import org.apache.accumulo.core.client.ZooKeeperInstance;
import org.apache.accumulo.core.client.security.tokens.PasswordToken;
import org.junit.After;
-import org.junit.Assert;
import org.junit.Before;
import org.junit.Test;
import org.junit.rules.TemporaryFolder;
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
index 0c29dfd..4734558 100644
--- a/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
+++ b/test/src/test/java/org/apache/accumulo/test/functional/AbstractMacIT.java
@@ -101,7 +101,7 @@ public abstract class AbstractMacIT {
File publicTruststoreFile = new File(sslDir, "public-" + cfg.getInstanceName() + ".jks");
try {
new CertUtils(Property.RPC_SSL_KEYSTORE_TYPE.getDefaultValue(), "o=Apache Accumulo,cn=MiniAccumuloCluster", "RSA", 2048, "sha1WithRSAEncryption")
- .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), cfg.getRootPassword());
+ .createAll(rootKeystoreFile, localKeystoreFile, publicTruststoreFile, cfg.getInstanceName(), "root_keystore_password", cfg.getRootPassword(), "");
} catch (Exception e) {
throw new RuntimeException("error creating MAC keystore", e);
}
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java b/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
index b7614b8..552a332 100644
--- a/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
+++ b/test/src/test/java/org/apache/accumulo/test/util/CertUtils.java
@@ -92,11 +92,17 @@ public class CertUtils {
@Parameter(names = {"--keystore-type"}, description = "Type of keystore file to use")
String keystoreType = "JKS";
+ @Parameter(names = {"--root-keystore-password"}, description = "Password for root keystore, falls back to --keystore-password if not provided")
+ String rootKeystorePassword = null;
+
@Parameter(
names = {"--keystore-password"},
description = "Password used to encrypt keystores. If omitted, the instance-wide secret will be used. If specified, the password must also be explicitly configured in Accumulo.")
String keystorePassword = null;
+ @Parameter(names = {"--truststore-password"}, description = "Password used to encrypt the truststore. If omitted, empty password is used")
+ String truststorePassword = "";
+
@Parameter(names = {"--key-name-prefix"}, description = "Prefix for names of generated keys")
String keyNamePrefix = CertUtils.class.getSimpleName();
@@ -162,14 +168,20 @@ public class CertUtils {
String keyPassword = opts.keystorePassword;
if (keyPassword == null)
keyPassword = getDefaultKeyPassword();
+
+ String rootKeyPassword = opts.rootKeystorePassword;
+ if (rootKeyPassword == null) {
+ rootKeyPassword = keyPassword;
+ }
+
CertUtils certUtils = new CertUtils(opts.keystoreType, opts.issuerDirString, opts.encryptionAlg, opts.keysize, opts.signingAlg);
if ("generate-all".equals(operation)) {
- certUtils.createAll(new File(opts.rootKeystore), new File(opts.localKeystore), new File(opts.truststore), opts.keyNamePrefix, keyPassword);
+ certUtils.createAll(new File(opts.rootKeystore), new File(opts.localKeystore), new File(opts.truststore), opts.keyNamePrefix, rootKeyPassword, keyPassword, opts.truststorePassword);
} else if ("generate-local".equals(operation)) {
- certUtils.createSignedCert(new File(opts.localKeystore), opts.keyNamePrefix + "-local", "", opts.rootKeystore, "");
+ certUtils.createSignedCert(new File(opts.localKeystore), opts.keyNamePrefix + "-local", keyPassword, opts.rootKeystore, rootKeyPassword);
} else if ("generate-self-trusted".equals(operation)) {
- certUtils.createSelfSignedCert(new File(opts.truststore), opts.keyNamePrefix + "-selfTrusted", "");
+ certUtils.createSelfSignedCert(new File(opts.truststore), opts.keyNamePrefix + "-selfTrusted", keyPassword);
} else {
JCommander jcommander = new JCommander(opts);
jcommander.setProgramName(CertUtils.class.getName());
@@ -198,16 +210,16 @@ public class CertUtils {
this.signingAlgorithm = signingAlgorithm;
}
- public void createAll(File rootKeystoreFile, File localKeystoreFile, File trustStoreFile, String keyNamePrefix, String systemPassword)
- throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, OperatorCreationException, AccumuloSecurityException,
- NoSuchProviderException, UnrecoverableKeyException, FileNotFoundException {
- createSelfSignedCert(rootKeystoreFile, keyNamePrefix + "-root", systemPassword);
- createSignedCert(localKeystoreFile, keyNamePrefix + "-local", systemPassword, rootKeystoreFile.getAbsolutePath(), systemPassword);
- createPublicCert(trustStoreFile, keyNamePrefix + "-public", rootKeystoreFile.getAbsolutePath(), systemPassword);
+ public void createAll(File rootKeystoreFile, File localKeystoreFile, File trustStoreFile, String keyNamePrefix, String rootKeystorePassword,
+ String keystorePassword, String truststorePassword) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException,
+ OperatorCreationException, AccumuloSecurityException, NoSuchProviderException, UnrecoverableKeyException, FileNotFoundException {
+ createSelfSignedCert(rootKeystoreFile, keyNamePrefix + "-root", rootKeystorePassword);
+ createSignedCert(localKeystoreFile, keyNamePrefix + "-local", keystorePassword, rootKeystoreFile.getAbsolutePath(), rootKeystorePassword);
+ createPublicCert(trustStoreFile, keyNamePrefix + "-public", rootKeystoreFile.getAbsolutePath(), rootKeystorePassword, truststorePassword);
}
- public void createPublicCert(File targetKeystoreFile, String keyName, String rootKeystorePath, String rootKeystorePassword) throws NoSuchAlgorithmException,
- CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException {
+ public void createPublicCert(File targetKeystoreFile, String keyName, String rootKeystorePath, String rootKeystorePassword, String truststorePassword)
+ throws NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, KeyStoreException, UnrecoverableKeyException {
KeyStore signerKeystore = KeyStore.getInstance(keystoreType);
char[] signerPasswordArray = rootKeystorePassword.toCharArray();
signerKeystore.load(new FileInputStream(rootKeystorePath), signerPasswordArray);
@@ -216,7 +228,7 @@ public class CertUtils {
KeyStore keystore = KeyStore.getInstance(keystoreType);
keystore.load(null, null);
keystore.setCertificateEntry(keyName + "Cert", rootCert);
- keystore.store(new FileOutputStream(targetKeystoreFile), new char[0]);
+ keystore.store(new FileOutputStream(targetKeystoreFile), truststorePassword.toCharArray());
}
public void createSignedCert(File targetKeystoreFile, String keyName, String keystorePassword, String signerKeystorePath, String signerKeystorePassword)
http://git-wip-us.apache.org/repos/asf/accumulo/blob/384aa396/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
----------------------------------------------------------------------
diff --git a/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java b/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
index eea9ac2..1e4e68a 100644
--- a/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
+++ b/test/src/test/java/org/apache/accumulo/test/util/CertUtilsTest.java
@@ -62,7 +62,7 @@ public class CertUtilsTest {
File rootKeyStoreFile = new File(folder.getRoot(), "root.jks");
certUtils.createSelfSignedCert(rootKeyStoreFile, "test", PASSWORD);
File publicKeyStoreFile = new File(folder.getRoot(), "public.jks");
- certUtils.createPublicCert(publicKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD, "");
KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
keyStore.load(new FileInputStream(publicKeyStoreFile), new char[0]);
@@ -110,11 +110,11 @@ public class CertUtilsTest {
File rootKeyStoreFile = new File(folder.getRoot(), "root.jks");
certUtils.createSelfSignedCert(rootKeyStoreFile, "test", PASSWORD);
File publicRootKeyStoreFile = new File(folder.getRoot(), "publicroot.jks");
- certUtils.createPublicCert(publicRootKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicRootKeyStoreFile, "test", rootKeyStoreFile.getAbsolutePath(), PASSWORD, "");
File signedKeyStoreFile = new File(folder.getRoot(), "signed.jks");
certUtils.createSignedCert(signedKeyStoreFile, "test", PASSWORD, rootKeyStoreFile.getAbsolutePath(), PASSWORD);
File publicSignedKeyStoreFile = new File(folder.getRoot(), "publicsigned.jks");
- certUtils.createPublicCert(publicSignedKeyStoreFile, "test", signedKeyStoreFile.getAbsolutePath(), PASSWORD);
+ certUtils.createPublicCert(publicSignedKeyStoreFile, "test", signedKeyStoreFile.getAbsolutePath(), PASSWORD, "");
KeyStore rootKeyStore = KeyStore.getInstance(KEYSTORE_TYPE);
rootKeyStore.load(new FileInputStream(publicRootKeyStoreFile), new char[0]);
[5/5] git commit: Merge branch '1.6.1-SNAPSHOT'
Posted by el...@apache.org.
Merge branch '1.6.1-SNAPSHOT'
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/ef0b27c1
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/ef0b27c1
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/ef0b27c1
Branch: refs/heads/master
Commit: ef0b27c1e6fd5ed417ec5ae13722054ffc6461a0
Parents: 63b3bdd 011349e
Author: Josh Elser <el...@apache.org>
Authored: Mon Aug 11 23:39:35 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Aug 11 23:39:35 2014 -0400
----------------------------------------------------------------------
.../conf/CredentialProviderFactoryShim.java | 11 +++---
.../MiniAccumuloClusterStartStopTest.java | 1 -
.../accumulo/test/functional/AbstractMacIT.java | 2 +-
.../apache/accumulo/test/util/CertUtils.java | 36 +++++++++++++-------
.../accumulo/test/util/CertUtilsTest.java | 6 ++--
5 files changed, 34 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
[4/5] git commit: ACCUMULO-3045 Fix some misleading logging messages
Posted by el...@apache.org.
ACCUMULO-3045 Fix some misleading logging messages
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/011349e2
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/011349e2
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/011349e2
Branch: refs/heads/1.6.1-SNAPSHOT
Commit: 011349e2d1536b7ddae166c98bc2f4590ae3df1d
Parents: 384aa39
Author: Josh Elser <el...@apache.org>
Authored: Mon Aug 11 23:31:38 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Aug 11 23:31:38 2014 -0400
----------------------------------------------------------------------
.../core/conf/CredentialProviderFactoryShim.java | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/011349e2/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java b/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
index a1fd8c7..513b8cb 100644
--- a/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
+++ b/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
@@ -218,18 +218,19 @@ public class CredentialProviderFactoryShim {
return (char[]) credential;
} catch (IllegalArgumentException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
} catch (IllegalAccessException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
} catch (InvocationTargetException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
}
}
-
- log.warn("Could not extract credential from providers");
+
+ // If we didn't find it, this isn't an error, it just wasn't set in the CredentialProvider
+ log.trace("Could not extract credential for {} from providers", alias);
return null;
}
[3/5] git commit: ACCUMULO-3045 Fix some misleading logging messages
Posted by el...@apache.org.
ACCUMULO-3045 Fix some misleading logging messages
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/011349e2
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/011349e2
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/011349e2
Branch: refs/heads/master
Commit: 011349e2d1536b7ddae166c98bc2f4590ae3df1d
Parents: 384aa39
Author: Josh Elser <el...@apache.org>
Authored: Mon Aug 11 23:31:38 2014 -0400
Committer: Josh Elser <el...@apache.org>
Committed: Mon Aug 11 23:31:38 2014 -0400
----------------------------------------------------------------------
.../core/conf/CredentialProviderFactoryShim.java | 11 ++++++-----
1 file changed, 6 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/011349e2/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java b/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
index a1fd8c7..513b8cb 100644
--- a/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
+++ b/core/src/main/java/org/apache/accumulo/core/conf/CredentialProviderFactoryShim.java
@@ -218,18 +218,19 @@ public class CredentialProviderFactoryShim {
return (char[]) credential;
} catch (IllegalArgumentException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
} catch (IllegalAccessException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
} catch (InvocationTargetException e) {
- log.warn("Failed to get credential from {}", providerObj, e);
+ log.warn("Failed to get credential for {} from {}", alias, providerObj, e);
continue;
}
}
-
- log.warn("Could not extract credential from providers");
+
+ // If we didn't find it, this isn't an error, it just wasn't set in the CredentialProvider
+ log.trace("Could not extract credential for {} from providers", alias);
return null;
}