[
https://issues.apache.org/jira/browse/HDFS-14951?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16968723#comment-16968723
]
Wei-Chiu Chuang commented on HDFS-14951:
----------------------------------------
Good catch [~smeng]. Can we also add that check for keystore password
[~hanishakoneru]?
Also, what happens after this change?
Looking at Jetty's source code, it looks like it'll attempt to use keystore
password to open trust store if truststore password is not set. So it's not
clear to me what happens next if key store password is also null. Will we end
up with the same situation?
> KMS Jetty server does not startup if trust store password is null
> -----------------------------------------------------------------
>
> Key: HDFS-14951
> URL: https://issues.apache.org/jira/browse/HDFS-14951
> Project: Hadoop HDFS
> Issue Type: Bug
> Reporter: Hanisha Koneru
> Assignee: Hanisha Koneru
> Priority: Major
> Attachments: HDFS-14951.001.patch
>
>
> In HttpServe2, if the trustStore is set but the trust store password is not,
> then we set the TrustStorePassword of SSLContextFactory to null. This results
> in the Jetty server not starting up.
> {code:java}
> In HttpServer2#createHttpsChannelConnector(),
> if (trustStore != null) {
> sslContextFactory.setTrustStorePath(trustStore);
> sslContextFactory.setTrustStoreType(trustStoreType);
> sslContextFactory.setTrustStorePassword(trustStorePassword);
> }
> {code}
> Before setting the trust store password, we should check that it is not null.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
