[jira] [Resolved] (ZOOKEEPER-3689) zkCli/ZooKeeperMain relies on system properties for TLS config

Enrico Olivelli (Jira) Thu, 26 Mar 2020 14:20:23 -0700


     [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-3689?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Enrico Olivelli resolved ZOOKEEPER-3689.
----------------------------------------
    Resolution: Fixed

Issue resolved by pull request 1285
[https://github.com/apache/zookeeper/pull/1285]

> zkCli/ZooKeeperMain relies on system properties for TLS config
> --------------------------------------------------------------
>
>                 Key: ZOOKEEPER-3689
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-3689
>             Project: ZooKeeper
>          Issue Type: New Feature
>          Components: security, server
>    Affects Versions: 3.6.0, 3.5.5, 3.5.6
>            Reporter: Ron Dagostino
>            Assignee: Sankalp Bhatia
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.6.1
>
>          Time Spent: 2h 10m
>  Remaining Estimate: 0h
>
> The command line client to ZooKeeper (org.apache.zookeeper.ZooKeeperMain, 
> invoked via bin/zkCli.{bat,sh}) has no facility for accepting TLS client 
> configuration (e.g. keystore/truststore location and password) except via 
> system properties.  System properties must be passed on the command line as 
> "-D" arguments and are inherently not secure.  There should be a way to pass 
> the client TLS configuration to org.apache.zookeeper.ZooKeeperMain in a more 
> secure way (e.g. via a file).



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Resolved] (ZOOKEEPER-3689) zkCli/ZooKeeperMain relies on system properties for TLS config

Reply via email to