[
https://issues.apache.org/jira/browse/SOLR-10307?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16055445#comment-16055445
]
Michael Suzuki commented on SOLR-10307:
---------------------------------------
Yes the above example works for me, it is worth updating the documentation on
how to setup ssl as above.
I was setting all the details in solr.ini.sh as per the documentation. To
recreate my issue start a new terminal and insure none of the values are set,
verify by using echo.
{code}
echo $SOLR_SSL_ENABLED
echo $SOLR_SSL_KEY_STORE
echo $SOLR_SSL_KEY_STORE_PASSWORD
echo $SOLR_SSL_TRUST_STORE
echo $SOLR_SSL_TRUST_STORE_PASSWORD
{code}
Then uncomment and set the values in solr.ini.sh and start solr, expected to
work instead and error is thrown "Keystore was tampered with, or password was
incorrect".
> Provide SSL/TLS keystore password a more secure way
> ---------------------------------------------------
>
> Key: SOLR-10307
> URL: https://issues.apache.org/jira/browse/SOLR-10307
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Reporter: Mano Kovacs
> Assignee: Mark Miller
> Fix For: master (7.0), 6.7
>
> Attachments: SOLR-10307.patch, SOLR-10307.patch, SOLR-10307.patch
>
>
> Currently the only way to pass server and client side SSL keytstore and
> truststore passwords is to set specific environment variables that will be
> passed as system properties, through command line parameter.
> First option is to pass passwords through environment variables which gives a
> better level of protection. Second option would be to use hadoop credential
> provider interface to access credential store.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
