[ https://issues.apache.org/jira/browse/GERONIMO-4927?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12770373#action_12770373 ]
Kevan Miller commented on GERONIMO-4927: ---------------------------------------- There is no TomcatWebSSLConnector GBean in 2.2. All the config info is in var/catalina/server.xml. So, mechanism for 2.1.x won't work on 2.2. Don't know of a way to accomplish this on 2.2, at the moment -- unfortunate. > keystorePass attribute on TomcatWebSSLConnector GBean should be > encrypted/obscured > ---------------------------------------------------------------------------------- > > Key: GERONIMO-4927 > URL: https://issues.apache.org/jira/browse/GERONIMO-4927 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Affects Versions: 2.2, 3.0 > Reporter: Kevan Miller > Fix For: 2.1.5, 2.2, 3.0 > > > keystorePass does not conform to the current convention for > encrypting/obscuring GBean attributes. Currently, attribute names with > 'password' will be encrypted. > We should either recognize keystorePass as an attribute requiring encryption > or add a new keystorePassword attribute and start using that (with some > appropriate migration logic, if a 'keystorePass' is configured). I guess I > prefer the latter option. Other opinions? -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.