[jira] [Commented] (KAFKA-2656) Default SSL keystore and truststore config are unusable

ASF GitHub Bot (JIRA) Mon, 19 Oct 2015 13:51:13 -0700

    [ 
https://issues.apache.org/jira/browse/KAFKA-2656?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14964030#comment-14964030
 ]


ASF GitHub Bot commented on KAFKA-2656:
---------------------------------------

Github user asfgit closed the pull request at:

    https://github.com/apache/kafka/pull/312


> Default SSL keystore and truststore config are unusable
> -------------------------------------------------------
>
>                 Key: KAFKA-2656
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2656
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>            Priority: Critical
>             Fix For: 0.9.0.0
>
>
> Default truststore for clients and default key and truststore for Kafka 
> server are set to files in /tmp along with simplistic passwords. Since no 
> sample stores are packaged with Kafka anyway, there is no value in hardcoded 
> paths and passwords as defaults. 
> Moreover these defaults prevent the use of standard javax.net.ssl properties. 
> And they force truststores to be set in Kafka configuration even when 
> certificates are signed by a trusted authority included in the Java cacerts.
> Default keystores and truststores should be replaced with JVM defaults.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (KAFKA-2656) Default SSL keystore and truststore config are unusable

Reply via email to