kgiusti commented on a change in pull request #582: DISPATCH-1440 - Deprecated passwordFile attribute in sslProfile and m… URL: https://github.com/apache/qpid-dispatch/pull/582#discussion_r332157060
########## File path: docs/books/user-guide/configuration-reference.adoc ########## @@ -76,8 +76,8 @@ Attributes for setting SSL/TLS configuration for connections. * *_caCertFile_* (path) : The absolute path to the database that contains the public certificates of trusted certificate authorities (CA). * *_certFile_* (path) : The absolute path to the file containing the PEM-formatted public certificate to be used on the local end of any connections using this profile. * *_privateKeyFile_* (path) : The absolute path to the file containing the PEM-formatted private key for the above certificate. -* *_passwordFile_* (path) : If the above private key is password protected, this is the absolute path to a file containing the password that unlocks the certificate key. -* *_password_* (string) : An alternative to storing the password in a file referenced by passwordFile is to supply the password right here in the configuration file. This option can be used by supplying the password in the ‘password’ option. Don’t use both password and passwordFile in the same profile. +* *_passwordFile_* (path) : (DEPRECATED) If the above private key is password protected, this is the absolute path to the file containing the password that unlocks the certificate key. This file should be permission protected to limit access. This has been deprecated. Use the file: prefix in the password field to specify the absolute path of the file containing the password. If both password and passwordFile are provided, the passwordFile is ignored. +* *_password_* (string) : Password that unlocks the certificate key. Supports three openssl style prefixes namely - env:, file: pass:. Also supports the legacy literal: prefix. env:var obtains the password from the environment variable var. Since the environment of other processes is visible on certain platforms (e.g. ps under certain Unix OSes) this option should be used with caution. file:absolutepath obtains passswrod from the absolute path of the file containing the password. This option is the safest since permissions can be set on the file. pass:password or literal:password or password with no prefix is used to directly specify the password and should only be used where security is not important. If both password and passwordFile are provided, the passwordFile is ignored. Review comment: passwrod? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
