[ https://issues.apache.org/jira/browse/SLIDER-263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14187776#comment-14187776 ]
Jonathan Maron commented on SLIDER-263: --------------------------------------- I'm starting to think that this is actually unnecessary. Currently, when the AM starts, it generates a keystore password randomly and maintains it in memory. Elements that require access to the keystore (SSL related classes) request the password from SecurityUtils. If the AM restarts, the keystore, password, etc are regenerated and, if two way SSL is enabled for agent-AM communication, the new certificate is retrieved by the agents to re-establish communication. So the keystore password actually never even need to be persisted since it is only required for the life of the given AM instance. I think I'll simply modify the existing implementation to not persist the password to a file - there is no need. Similarly, there is no need to persist the password to a credential provider. > leverage CredentialProvider for password and possibly passphrase retrieval > for agent SSL communication > ------------------------------------------------------------------------------------------------------ > > Key: SLIDER-263 > URL: https://issues.apache.org/jira/browse/SLIDER-263 > Project: Slider > Issue Type: Bug > Reporter: Jonathan Maron > Assignee: Jonathan Maron > Fix For: Slider 0.60 > > > Much like the accumulo approach in SLIDER-254, look at using the credential > provider in the context of establishing SSL communication between the App > Master and agents in spawned containers. -- This message was sent by Atlassian JIRA (v6.3.4#6332)