[
https://issues.apache.org/jira/browse/KAFKA-4294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15574737#comment-15574737
]
Rajini Sivaram commented on KAFKA-4294:
---------------------------------------
It may be good to bring this up in KIP-76 discussion:
https://cwiki.apache.org/confluence/display/KAFKA/KIP-76+Enable+getting+password+from+executable+rather+than+passing+as+plaintext+in+config+files
> Allow password file in server.properties to separate 'secrets' from standard
> configs
> -------------------------------------------------------------------------------------
>
> Key: KAFKA-4294
> URL: https://issues.apache.org/jira/browse/KAFKA-4294
> Project: Kafka
> Issue Type: Improvement
> Reporter: Ryan P
>
> Java's keytool(for Windows) allows you to specify the keystore/truststore
> password with an external file in addition to a string argument.
> -storepass:file secret.txt
> http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html
> It would be nice if Kafka could offer the same functionality allowing
> organizations to separate concerns between standard configs and 'secrets'.
> Ideally Kafka would add a secrets file property to the broker config which
> could override any ssl properties which currently exist within the broker
> config. Since the secrets file property is only used to override existing
> SSL/TLS properties the change maintains backward compatibility.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
