[
https://issues.apache.org/jira/browse/STORM-3184?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ASF GitHub Bot updated STORM-3184:
----------------------------------
Labels: pull-request-available (was: )
> Storm supervisor log showing keystore and truststore password in plaintext
> --------------------------------------------------------------------------
>
> Key: STORM-3184
> URL: https://issues.apache.org/jira/browse/STORM-3184
> Project: Apache Storm
> Issue Type: Bug
> Components: storm-core
> Affects Versions: 1.1.1
> Reporter: Arpit Khare
> Priority: Major
> Labels: pull-request-available
>
> When we enable SSL for Apache storm, the superviosr log shows the keystore
> and truststore password in the plaintext
> log name : /var/log/storm/supervisor.log
> {code}
> 2018-05-28 16:21:12.594 o.a.s.d.s.Supervisor main [INFO] Starting supervisor
> for storm version '1.1.1.3.1.1.0-35'.
> 2018-05-28 16:21:12.595 o.a.s.d.s.Supervisor main [INFO] Starting Supervisor
> with conf {storm.messaging.netty.min_wait_ms=100,
> storm.zookeeper.auth.user=null, storm.messaging.netty.buffer_s
> ize=5242880,
> client.jartransformer.class=org.apache.storm.hack.StormShadeTransformer,
> storm.exhibitor.port=8080, pacemaker.auth.method=NONE, ui.filter=null,
> worker.profiler.enabled=false
> ui.https.key.password=pass123
> ui.https.keystore.password=pass123
> {code}
> For the below properties created in custom-storm-site section in Ambari while
> enabling SSL.
> {code}
> ui.https.key.password=pass123
> ui.https.keystore.password=pass123
> {code}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
