----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54640/#review159001 -----------------------------------------------------------
Fix it, then Ship it! Ship It! ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java (line 83) <https://reviews.apache.org/r/54640/#comment229911> Maybe create a JIRA for this (and note it here) so that it really gets done, else it may be a TODO for a really long time. ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java (line 235) <https://reviews.apache.org/r/54640/#comment229913> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java (lines 243 - 266) <https://reviews.apache.org/r/54640/#comment229914> Too bad we dont have a common library that we can share between Ambari projects. There is already a class in `ambari-server` that does something like this - `org.apache.ambari.server.security.CertificateManager`. Maybe there should be an effort to consolicate such features. ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 133) <https://reviews.apache.org/r/54640/#comment229915> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 146) <https://reviews.apache.org/r/54640/#comment229916> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 153) <https://reviews.apache.org/r/54640/#comment229917> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 161) <https://reviews.apache.org/r/54640/#comment229923> `MD5WithRSAEncryption` may not be good enough. This should probably be configurable or set to something like `sha256WithRSAEncryption`. Ambari was dinged for this a while back since MD5 and SHA1 are considered insecure. Ambari handles this by using OpenSSL to create certificates. The `ca.conf` file has the digest algorithm set to sha256, and users can change this by editting the config file if they want: ``` default_md = sha256 ``` ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 171) <https://reviews.apache.org/r/54640/#comment229918> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 181) <https://reviews.apache.org/r/54640/#comment229919> Missing JavaDoc ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java (line 194) <https://reviews.apache.org/r/54640/#comment229920> Missing JavaDoc - Robert Levas On Dec. 12, 2016, 10:51 a.m., Oliver Szabo wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54640/ > ----------------------------------------------------------- > > (Updated Dec. 12, 2016, 10:51 a.m.) > > > Review request for Ambari, Miklos Gergely, Robert Levas, and Robert Nettleton. > > > Bugs: AMBARI-19147 > https://issues.apache.org/jira/browse/AMBARI-19147 > > > Repository: ambari > > > Description > ------- > > Generate JKS file on startup. (if keystore is not specified or not exists) > > > Diffs > ----- > > ambari-logsearch/ambari-logsearch-portal/pom.xml 6bacd23 > > ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/LogSearch.java > 14f83cf > > ambari-logsearch/ambari-logsearch-portal/src/main/java/org/apache/ambari/logsearch/util/SSLUtil.java > 206f793 > > ambari-server/src/main/resources/common-services/LOGSEARCH/0.5.0/configuration/logsearch-env.xml > 2f13710 > > Diff: https://reviews.apache.org/r/54640/diff/ > > > Testing > ------- > > testing done. manually. (start ambar server, import generated logsearch > certificate to ambar keystore) > > > Thanks, > > Oliver Szabo > >
