[
https://issues.apache.org/jira/browse/HADOOP-13923?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15768002#comment-15768002
]
Xiao Chen commented on HADOOP-13923:
------------------------------------
I don't think this is at all encouraging the use of keytool, but providing a
secure-minded admin a way to change their key password. The keystore itself is
JKSP specific, which isn't a recommended production implementation.
But technically I think adding this to the keyprovider API would work too,
since from there JKSP can change the keystore and all keys' password
altogether. Will work on a patch for that direction if no objections
> Allow changing password on JavaKeyStoreProvider generated keystores
> --------------------------------------------------------------------
>
> Key: HADOOP-13923
> URL: https://issues.apache.org/jira/browse/HADOOP-13923
> Project: Hadoop Common
> Issue Type: Improvement
> Components: kms
> Affects Versions: 2.6.0
> Reporter: Xiao Chen
> Assignee: Xiao Chen
> Attachments: HADOOP-13923.01.patch
>
>
> {{JavaKeyStoreProvider}} generates a jceks keystore file for key storage.
> Although we have different fall backs in {{ProviderUtils#locatePassword}} to
> specify the keystore password, it appears the password itself can never be
> changed after generation.
> This jira is to make it possible to change the keystore password.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
