[ https://issues.apache.org/jira/browse/FLINK-23568?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17696965#comment-17696965 ]
Adrian Vasiliu commented on FLINK-23568: ---------------------------------------- No feedback on this issue which is critical for production-grade usages of Flink? AFAIK this still holds similarly with Flink 1.16/1.17. > Plaintext Java Keystore Password Risks in the flink-conf.yaml File > ------------------------------------------------------------------ > > Key: FLINK-23568 > URL: https://issues.apache.org/jira/browse/FLINK-23568 > Project: Flink > Issue Type: Improvement > Components: Runtime / Configuration > Affects Versions: 1.11.3 > Reporter: Hui Wang > Priority: Major > > When REST SSL is enabled, the plaintext password of the Java keystore needs > to be configured in the flink-conf.yaml configuration of Flink, which poses > great security risks. It is hoped that the community can provide the > capability of encrypting and storing passwords in the flink-conf.yaml file. > > {code:java} > security.ssl.internal.keystore-password: keystore_password > security.ssl.internal.key-password: key_password > security.ssl.internal.truststore-password: truststore_password{code} > -- This message was sent by Atlassian Jira (v8.20.10#820010)