[jira] [Updated] (KAFKA-2656) Default SSL keystore and truststore config are unusable

Jun Rao (JIRA) Mon, 19 Oct 2015 13:50:00 -0700

     [ 
https://issues.apache.org/jira/browse/KAFKA-2656?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jun Rao updated KAFKA-2656:
---------------------------
    Resolution: Fixed
        Status: Resolved  (was: Patch Available)

Issue resolved by pull request 312
[https://github.com/apache/kafka/pull/312]

> Default SSL keystore and truststore config are unusable
> -------------------------------------------------------
>
>                 Key: KAFKA-2656
>                 URL: https://issues.apache.org/jira/browse/KAFKA-2656
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: Rajini Sivaram
>            Assignee: Rajini Sivaram
>            Priority: Critical
>             Fix For: 0.9.0.0
>
>
> Default truststore for clients and default key and truststore for Kafka 
> server are set to files in /tmp along with simplistic passwords. Since no 
> sample stores are packaged with Kafka anyway, there is no value in hardcoded 
> paths and passwords as defaults. 
> Moreover these defaults prevent the use of standard javax.net.ssl properties. 
> And they force truststores to be set in Kafka configuration even when 
> certificates are signed by a trusted authority included in the Java cacerts.
> Default keystores and truststores should be replaced with JVM defaults.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (KAFKA-2656) Default SSL keystore and truststore config are unusable

Reply via email to