Nikos Massios [http://community.jboss.org/people/massios] created the discussion
"Encrypt SSL KeyStorePassword in remoting-sslbisocket-service.xml" To view the discussion, visit: http://community.jboss.org/message/576595#576595 -------------------------------------------------------------- Hello, I am using jboss 5.1 GA. I would like to encrypt the ssl keystore password in the remoting-sslbisocket-service.xml of jboss messaging. This xml contains the following mbean configuration. This xml of jboss messaging is using the org.jboss.remoting.securirity.SSLSocketBuilder mbean of jboss remoting. From what I can see here http://docs.jboss.org/jbosasremoting/docs/api/org/jboss/remoting/security/SSLSocketBuilder.html http://docs.jboss.org/jbosasremoting/docs/api/org/jboss/remoting/security/SSLSocketBuilder.html there is no way to encrypt the keystore, trustsore passwords. Am I correct? Has anyone tried extending the SSLSocketBuilder class to provide such functionality? I am considering doing this myself. Thanks, Nikos. mbean code=org.jboss.remoting.security.SSLSocketBuilder name=jboss.messaging:service=SocketBuilder,type=SSL display-name=SSL Server Socket Factory Builder> - <!-- IMPORTANT - If making ANY customizations, this MUST be set to false. Otherwise, will used default settings and the following attributes will be ignored. --> <attribute name="UseSSLServerSocketFactory">false</attribute> - <!-- This is the url string to the key store to use --> <attribute name="KeyStoreURL">${jboss.server.home.url}/conf/ssl/server.keystore</attribute> - <!-- The password for the key store --> <attribute name="KeyStorePassword">MY_PASSWORD_IS_HERE</attribute> - <!-- The password for the keys (will use KeystorePassword if this is not set explicitly. --> - <!-- <attribute name="KeyPassword">secureexample</attribute> --> - <!-- The protocol for the SSLContext. Default is TLS. --> <attribute name="SecureSocketProtocol">TLS</attribute> - <!-- The algorithm for the key manager factory. Default is SunX509. --> <attribute name="KeyStoreAlgorithm">SunX509</attribute> - <!-- The type to be used for the key store. Defaults to JKS. Some acceptable values are JKS (Java Keystore - Sun's keystore format), JCEKS (Java Cryptography Extension keystore - More secure version of JKS), and PKCS12 (Public-Key Cryptography Standards #12 keystore - RSA's Personal Information Exchange Syntax Standard). These are not case sensitive. --> <attribute name="KeyStoreType">JKS</attribute> </mbean> < -------------------------------------------------------------- Reply to this message by going to Community [http://community.jboss.org/message/576595#576595] Start a new discussion in JBoss Remoting at Community [http://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2050]
_______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
