Bug
Resolution: Done
Major
jboss-fuse-6.3
Fuse 7.3 Sprint 40 - Dev #1
Parent issue: https://issues.jboss.org/browse/ENTESB-7459.
The command used to encrypt the password is:
fabric:encrypt-message changeit
which will output something like:
Encrypting message changeit
Using algorithm PBEWithMD5AndDES and password admin
Result: 34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE
If we put this in a Fabric profile in the following format:
system.javax.net.ssl.trustStore=c:/keystores/test.jks
system.javax.net.ssl.trustStorePassword=${crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE}
system.javax.net.ssl.keyStore=c:/keystores/test.jks
system.javax.net.ssl.keyStorePassword=${crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE}
After adding the profile to the Fabric container, the etc/system.properties file contains:
javax.net.ssl.trustStore = c:/keystores/test.jks
javax.net.ssl.trustStorePassword = changeit
javax.net.ssl.keyStore = c:/keystores/test.jks
javax.net.ssl.keyStorePassword = changeit
javax.net.ssl.keyStorePassword.encrypted = crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE
javax.net.ssl.trustStorePassword.encrypted = crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE
Even though the password is encrypted in the profile, we can see the decrypted password appearing in clear text in the system.properties file.
The /etc/system.properties file should not display any password in clear text.
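A check for the condition described above, as an added example that is not part of the original report or of Fuse itself: it flags every property that has a `<key>.encrypted = crypt:...` sibling while `<key>` still holds a non-placeholder value. The function names and the simplified properties parser are assumptions of this example, and the sample input is constructed from the output quoted above.

```python
import re

# Constructed sample mirroring the etc/system.properties content quoted above.
SAMPLE = """\
javax.net.ssl.trustStore = c:/keystores/test.jks
javax.net.ssl.trustStorePassword = changeit
javax.net.ssl.keyStore = c:/keystores/test.jks
javax.net.ssl.keyStorePassword = changeit
javax.net.ssl.keyStorePassword.encrypted = crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE
javax.net.ssl.trustStorePassword.encrypted = crypt:34tPFod1/zoPA3Aqm80zi/SkUNhHJIZE
"""

ENCRYPTED_SUFFIX = ".encrypted"
PLACEHOLDER = re.compile(r"^\$\{crypt:[^}]+\}$")


def parse_properties(text):
    """Parse simple 'key = value' lines (no escapes or continuations)."""
    props = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue  # blank line or comment
        m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
        if m:
            props[m.group(1)] = m.group(2)
    return props


def find_decrypted_leaks(text):
    """Return keys whose '<key>.encrypted' sibling holds a crypt: value
    while '<key>' itself holds something other than a ${crypt:...} placeholder."""
    props = parse_properties(text)
    leaks = []
    for key, value in props.items():
        if not key.endswith(ENCRYPTED_SUFFIX) or not value.startswith("crypt:"):
            continue
        base = key[: -len(ENCRYPTED_SUFFIX)]
        plain = props.get(base)
        if plain and not PLACEHOLDER.match(plain):
            leaks.append(base)
    return sorted(leaks)


if __name__ == "__main__":
    # Report key names only, so the audit output does not repeat the secret.
    for key in find_decrypted_leaks(SAMPLE):
        print(f"clear-text value present for encrypted property: {key}")
```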
is related to:
- ENTESB-7459 System property encrypted password in profile is logged as decrypted clear text by fabric agent (Done)
- ENTESB-9132 Use Elytron Credential Store in custom PersistenceManager with new felix.configadmin 1.9.0 (Closed)