In passing the new acceptor and connector ssl configuration through AMQ_ACCEPTORS / AMQ_CONNECTORS environment variables it exposes the passwords to the associated key stores and trust stores as they are readable in plain text.