[jira] [Updated] (ARTEMIS-3387) LDAPLoginModule using ssl with specific truststore and password

Thu, 15 Jul 2021 04:20:04 -0700 


     [ 
https://issues.apache.org/jira/browse/ARTEMIS-3387?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Paul Vogt updated ARTEMIS-3387:
-------------------------------
    Description: 
Using ldaps requires to specify a truststore if the CA certificate of the ldap 
server is not in the cacerts file. The truststore can be set  using command 
line parameters like

-Djavax.net.ssl.trustStore=/appl/amq/security/paul_1_test/paul_1_test_ts.p12

-Djavax.net.ssl.trustStorePassword=changeit

-Djavax.net.ssl.trustStoreType=PKCS12

However this shows the truststore password with the ps -ef command. 

Desired solution : adding 3 properties to  
org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule

connectionTrustStore=

connectionTrustStorePassword=

connectionTrustStoreType=

 

So the truststore can be specified without showing it in the process list. 

 

  was:
Using ldaps requires to specify a truststore if the CA certificate of the ldap 
server is not in the cacerts file. The truststore can be set  using command 
line parameters like

-Djavax.net.ssl.trustStore=/appl/amq/security/paul_1_test/paul_1_test_ts.p12

-Djavax.net.ssl.trustStorePassword=changeit

-Djavax.net.ssl.trustStoreType=PKCS12

However this shows the truststore password with the ps -ef command. 

Desired solution : adding 2 properties to  
org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule

connectionTrustStore=

connectionTrustStorePassword=

 

So the truststore can be specified without showing it in the process list. 

 


> LDAPLoginModule using ssl with specific truststore and password
> ---------------------------------------------------------------
>
>                 Key: ARTEMIS-3387
>                 URL: https://issues.apache.org/jira/browse/ARTEMIS-3387
>             Project: ActiveMQ Artemis
>          Issue Type: Wish
>          Components: JAAS
>            Reporter: Paul Vogt
>            Priority: Minor
>
> Using ldaps requires to specify a truststore if the CA certificate of the 
> ldap server is not in the cacerts file. The truststore can be set  using 
> command line parameters like
> -Djavax.net.ssl.trustStore=/appl/amq/security/paul_1_test/paul_1_test_ts.p12
> -Djavax.net.ssl.trustStorePassword=changeit
> -Djavax.net.ssl.trustStoreType=PKCS12
> However this shows the truststore password with the ps -ef command. 
> Desired solution : adding 3 properties to  
> org.apache.activemq.artemis.spi.core.security.jaas.LDAPLoginModule
> connectionTrustStore=
> connectionTrustStorePassword=
> connectionTrustStoreType=
>  
> So the truststore can be specified without showing it in the process list. 
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to