[jira] [Comment Edited] (CASSANDRA-18508) Sensitive JMX SSL configuration options can be easily exposed

Sun, 21 May 2023 03:25:06 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-18508?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17724610#comment-17724610
 ] 

Stefan Miklosovic edited comment on CASSANDRA-18508 at 5/21/23 10:24 AM:
-------------------------------------------------------------------------

There is also CASSANDRA-11695 we can be inspired of.


was (Author: smiklosovic):
There is also CASSANDRA-11695 we can be inspirated of.

> Sensitive JMX SSL configuration options can be easily exposed
> -------------------------------------------------------------
>
>                 Key: CASSANDRA-18508
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-18508
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Feature/Encryption
>            Reporter: Anthony Grasso
>            Assignee: Anthony Grasso
>            Priority: Normal
>             Fix For: 4.0.x, 4.1.x, 5.0
>
>
> We need a way to specify sensitive JMX SSL configuration options to avoid 
> them being easily exposed.
> When encrypting the JMX connection the passwords for the key and trust stores 
> must be specified using the {{javax.net.ssl.keyStorePassword}} and 
> {{javax.net.ssl.trustStorePassword}} options respectively in the 
> _cassandra-env.sh_ file. After Cassandra is started it is possible to see the 
> passwords by looking the running process ({{ps aux | grep "cassandra"}}).
> Java 8 has the ability to specify a configuration file that can contain these 
> security sensitive settings using the {{com.sun.management.config.file}} 
> argument. However, despite what the documentation 
> ([https://docs.oracle.com/javase/8/docs/technotes/guides/management/agent.html#gdevf])
>  says, both the {{com.sun.management.jmxremote}} and 
> {{com.sun.management.jmxremote.port}} arguments need to be defined in the 
> _cassandra-env.sh_ for the JVM to read the contents of the file.
> The problem with defining the {{com.sun.management.jmxremote.port}} argument 
> is it conflicts with the {{cassandra.jmx.remote.port}} argument. Even if the 
> port numbers are different, attempting an encrypted JMX connection using 
> {{nodetool}} fails and we see a {{ConnectException: 'Connection refused 
> (Connection refused)'}} error.
> One possible way to fix this is to introduce a new option that would allow a 
> file to be passed containing the JMX encryption options.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to