[
https://issues.apache.org/jira/browse/SOLR-11678?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Constantin Bugneac updated SOLR-11678:
--------------------------------------
Description:
If I specify different passwords for store and key then Solr fails to read
certificate from JKS file with the attached error.
Example:
SOLR_SSL_KEY_STORE_PASSWORD: "secret1"
SOLR_SSL_TRUST_STORE_PASSWORD: "secret2"
I don't know whether this is JAVA nuance or Solr implementation issue but from
security point of view there is no point to have the same password assigned for
both the key store and private key bound to specific certificate.
was:
If I specify different passwords for store and key then Solr fails to read
certificate from JKS file with the attached error.
Example:
SOLR_SSL_KEY_STORE_PASSWORD: "secret1"
SOLR_SSL_TRUST_STORE_PASSWORD: "secret2"
I don't know whether this is JAVA nuance or Solr implementation issue but from
security point of view there is no point to have the same password assigned for
key store and private key bound to certificate.
> SSL not working if store and key passwords are different
> --------------------------------------------------------
>
> Key: SOLR-11678
> URL: https://issues.apache.org/jira/browse/SOLR-11678
> Project: Solr
> Issue Type: Bug
> Security Level: Public(Default Security Level. Issues are Public)
> Components: security
> Affects Versions: 6.6.2
> Reporter: Constantin Bugneac
>
> If I specify different passwords for store and key then Solr fails to read
> certificate from JKS file with the attached error.
> Example:
> SOLR_SSL_KEY_STORE_PASSWORD: "secret1"
> SOLR_SSL_TRUST_STORE_PASSWORD: "secret2"
> I don't know whether this is JAVA nuance or Solr implementation issue but
> from security point of view there is no point to have the same password
> assigned for both the key store and private key bound to specific certificate.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
