[ https://issues.apache.org/jira/browse/HADOOP-14141?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15977510#comment-15977510 ]
John Zhuge edited comment on HADOOP-14141 at 4/20/17 9:02 PM: -------------------------------------------------------------- Committed to branch-2. Thanks [~eddyxu] for the review! was (Author: jzhuge): Thanks [~eddyxu] for the review! > Store KMS SSL keystore password in catalina.properties > ------------------------------------------------------ > > Key: HADOOP-14141 > URL: https://issues.apache.org/jira/browse/HADOOP-14141 > Project: Hadoop Common > Issue Type: Improvement > Components: kms > Affects Versions: 2.9.0 > Reporter: John Zhuge > Assignee: John Zhuge > Priority: Minor > Fix For: 2.9.0 > > Attachments: HADOOP-14141.branch-2.001.patch > > > HADOOP-14083 stores SSL ciphers in catalina.properties. We can do the same > for SSL keystore password, thus no longer need the current {{sed}} method: > {noformat} > # If ssl, the populate the passwords into ssl-server.xml before starting > tomcat > if [ ! "${KMS_SSL_KEYSTORE_PASS}" = "" ] || [ ! "${KMS_SSL_TRUSTSTORE_PASS}" > = "" ]; then > # Set a KEYSTORE_PASS if not already set > KMS_SSL_KEYSTORE_PASS=${KMS_SSL_KEYSTORE_PASS:-password} > KMS_SSL_KEYSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_KEYSTORE_PASS") > KMS_SSL_TRUSTSTORE_PASS_ESCAPED=$(hadoop_escape "$KMS_SSL_TRUSTSTORE_PASS") > cat ${CATALINA_BASE}/conf/ssl-server.xml.conf \ > | sed > 's/"_kms_ssl_keystore_pass_"/'"\"${KMS_SSL_KEYSTORE_PASS_ESCAPED}\""'/g' \ > | sed > 's/"_kms_ssl_truststore_pass_"/'"\"${KMS_SSL_TRUSTSTORE_PASS_ESCAPED}\""'/g' > > ${CATALINA_BASE}/conf/ssl-server.xml > fi > {noformat} -- This message was sent by Atlassian JIRA (v6.3.15#6346) --------------------------------------------------------------------- To unsubscribe, e-mail: common-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-issues-h...@hadoop.apache.org