[
https://issues.apache.org/jira/browse/ZOOKEEPER-3689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17048067#comment-17048067
]
Sankalp Bhatia commented on ZOOKEEPER-3689:
-------------------------------------------
Hi Ron, Apologies for that. I have corrected the link.
I will try to post a PR shortly.
> zkCli/ZooKeeperMain relies on system properties for TLS config
> --------------------------------------------------------------
>
> Key: ZOOKEEPER-3689
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3689
> Project: ZooKeeper
> Issue Type: New Feature
> Components: security, server
> Affects Versions: 3.6.0, 3.5.5, 3.5.6
> Reporter: Ron Dagostino
> Priority: Major
>
> The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain,
> invoked via bin/zkCli.{bat,sh}) has no facility for accepting TLS client
> configuration (e.g. keystore/truststore location and password) except via
> system properties. System properties must be passed on the command line as
> "-D" arguments and are inherently not secure. There should be a way to pass
> the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more
> secure way (e.g. via a file).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
