[ https://issues.apache.org/jira/browse/ZOOKEEPER-3689?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Enrico Olivelli resolved ZOOKEEPER-3689. ---------------------------------------- Resolution: Fixed Issue resolved by pull request 1285 [https://github.com/apache/zookeeper/pull/1285] > zkCli/ZooKeeperMain relies on system properties for TLS config > -------------------------------------------------------------- > > Key: ZOOKEEPER-3689 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3689 > Project: ZooKeeper > Issue Type: New Feature > Components: security, server > Affects Versions: 3.6.0, 3.5.5, 3.5.6 > Reporter: Ron Dagostino > Assignee: Sankalp Bhatia > Priority: Major > Labels: pull-request-available > Fix For: 3.6.1 > > Time Spent: 2h 10m > Remaining Estimate: 0h > > The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain, > invoked via bin/zkCli.{bat,sh}) has no facility for accepting TLS client > configuration (e.g. keystore/truststore location and password) except via > system properties. System properties must be passed on the command line as > "-D" arguments and are inherently not secure. There should be a way to pass > the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more > secure way (e.g. via a file). -- This message was sent by Atlassian Jira (v8.3.4#803005)