[
https://issues.apache.org/jira/browse/CASSANDRA-18124?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17704487#comment-17704487
]
Tibor Repasi commented on CASSANDRA-18124:
------------------------------------------
My opinion concerning the warnings is, that your approach of changing the
warning logic is fine and the only suitable way for 4.1.x.
In 5.x however, the legacy configuration parameter should be removed, along
with the whole code to generate these warnings. But that's a different issue
and I don't know about a ticket for that.
> Config parameter keystore_password should be nullable
> -----------------------------------------------------
>
> Key: CASSANDRA-18124
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18124
> Project: Cassandra
> Issue Type: Bug
> Components: Local/Config
> Reporter: Tibor Repasi
> Assignee: Maulin Vasavada
> Priority: Normal
> Fix For: 4.1.x, 5.x
>
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Some SSL configuration may pass unencrypted private keys. PEMReader might
> accept that by assuming keyPassword to be null in that case (e.g.
> https://github.com/apache/cassandra/blob/f9e033f519c14596da4dc954875756a69aea4e78/src/java/org/apache/cassandra/security/PEMReader.java#L103).
> Current configuration reader does not accept keystore_password parameter to
> be set null or empty in the cassandra.yaml.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
