[
https://issues.apache.org/jira/browse/AMQ-9752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18053081#comment-18053081
]
Jean-Baptiste Onofré commented on AMQ-9752:
-------------------------------------------
I think you can load only properties from a file with PropertyPlaceholder but
not a single property.
Maybe it's good enough though.
> Be able to read SSL keystore password from a file or env variable or use
> encrypted password in the conf
> -------------------------------------------------------------------------------------------------------
>
> Key: AMQ-9752
> URL: https://issues.apache.org/jira/browse/AMQ-9752
> Project: ActiveMQ
> Issue Type: Improvement
> Components: Security/JAAS
> Reporter: Jean-Baptiste Onofré
> Assignee: Jean-Baptiste Onofré
> Priority: Major
> Fix For: 6.1.9, 6.2.1
>
>
> Today, a classic way to setup SSL is to add the SSL context in the
> activemq.xml like this:
> {code:java}
> <sslContext>
> <sslContext keyStore="org/apache/activemq/security/broker1.ks"
> keyStorePassword="password"
> trustStore="org/apache/activemq/security/activemq-revoke.jks"
> trustStorePassword="password"
> crlPath="org/apache/activemq/security/activemq-revoke.crl"/>
> </sslContext> {code}
> The keyStorePassword and trustStorePassword have to be in clear (or we have
> to use Jasypt encryption).
> Jasypt encryption needs extra setup in the activemq.xml.
> I'm proposing to simplify to deal with password in activemq.xml by having
> "external" password placeholder, like keyStorePassword="file://foo" or
> keyStorePassword="env:bar".
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
