Demetrius Tsitrelis created CLOUDSTACK-6948:
-----------------------------------------------
Summary: realhostip.keystore uses hard-coded password
Key: CLOUDSTACK-6948
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6948
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server, Virtual Router
Affects Versions: 4.3.0
Reporter: Demetrius Tsitrelis
The config_ssl.sh and ConsoleProxySecureServerFactoryImpl.java files hard-code
the password as "vmops.com". This keystore contains the private key of the SSL
server and if that is compromised could allow for a man-in-the-middle attack.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
