[
https://issues.apache.org/jira/browse/ZOOKEEPER-3689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17047558#comment-17047558
]
Ron Dagostino commented on ZOOKEEPER-3689:
------------------------------------------
Hi Sankalp. The link you posted gave the response below. I am not able to
work on this, so I imagine submitting a PR for discussion would be a good way
to go.
Ron
Web page response: “Non-Amazon Employees, you have been mistakenly directed to
an internal-only Amazon system. If you were given a link that brought you to
this page, please let the source responsible for the link know that the link
they have provided does not work for non-Amazon employees. They should be able
to provide you with a corrected link...”
> zkCli/ZooKeeperMain relies on system properties for TLS config
> --------------------------------------------------------------
>
> Key: ZOOKEEPER-3689
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3689
> Project: ZooKeeper
> Issue Type: New Feature
> Components: security, server
> Affects Versions: 3.6.0, 3.5.5, 3.5.6
> Reporter: Ron Dagostino
> Priority: Major
>
> The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain,
> invoked via bin/zkCli.{bat,sh}) has no facility for accepting TLS client
> configuration (e.g. keystore/truststore location and password) except via
> system properties. System properties must be passed on the command line as
> "-D" arguments and are inherently not secure. There should be a way to pass
> the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more
> secure way (e.g. via a file).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
