[
https://issues.apache.org/jira/browse/DRILL-5663?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16113349#comment-16113349
]
ASF GitHub Bot commented on DRILL-5663:
---------------------------------------
Github user sindhurirayavaram commented on a diff in the pull request:
https://github.com/apache/drill/pull/874#discussion_r131238139
--- Diff:
exec/java-exec/src/main/java/org/apache/drill/exec/ExecConstants.java ---
@@ -122,10 +122,10 @@
String HTTP_SESSION_MEMORY_RESERVATION =
"drill.exec.http.session.memory.reservation";
String HTTP_SESSION_MEMORY_MAXIMUM =
"drill.exec.http.session.memory.maximum";
String HTTP_SESSION_MAX_IDLE_SECS =
"drill.exec.http.session_max_idle_secs";
- String HTTP_KEYSTORE_PATH = "javax.net.ssl.keyStore";
--- End diff --
Using the _javax_ property name for Drill property might be confusing for
users, since changing that value inside Drill configuration will not reflect on
the actual System property. So to avoid that confusion this property was
renamed taking example from
[Hadoop](https://hadoop.apache.org/docs/r2.7.2/hadoop-mapreduce-client/hadoop-mapreduce-client-core/EncryptedShuffle.html)
and
[IBM](https://www.ibm.com/support/knowledgecenter/en/SSZH4A_5.0.6/com.ibm.worklight.help.doc/admin/r_ssl_certificate_keystore_setup.html).
Though Hadoop provides separate parameter for client/server whereas Drill has
only server side config, these properties can be renamed to include _.server_
if needed. But making this name change will not affect Drill users already
using the older property since backward compatibility is provided here. It will
work seamlessly for them. All the below scenarios are tested.
1) Setting javax.ssl.* properties in drill-override.conf
2) Setting javax.ssl.* properties as system options with -D option.
3) Setting ssl.* properties in drill-override.conf
So if a user provide the property values only as system property, then both
Drill and JSSE will still be consuming it and work as expected.
> Drillbit fails to start when only keystore path is provided without keystore
> password.
> --------------------------------------------------------------------------------------
>
> Key: DRILL-5663
> URL: https://issues.apache.org/jira/browse/DRILL-5663
> Project: Apache Drill
> Issue Type: Bug
> Reporter: Sorabh Hamirwasia
> Assignee: Sindhuri Ramanarayan Rayavaram
>
> When we configure keystore path without keystore password inside
> drill-override.conf for WebServer, then Drillbit fails to start. We should
> explicitly check for either both being present or both being absent. If any
> one of them is only present then throw startup exception for Drill.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
