Thanks for your reply. We can try this on the CLI, but what about the Web UI? Thanks, Jerry
---Original--- From: "Gabor Somogyi"<gabor.g.somo...@gmail.com> Date: Tue, Jan 18, 2022 17:38 PM To: "狗嗖"<1074768...@qq.com>; Cc: "user"<user@flink.apache.org>; Subject: Re: Question about plain password in flink-conf.yaml export SSL_PASSWORD=secretflink run -yDsecurity.ssl.rest.*-password=$SSL_PASSWORD ... app.jar Such way the code which starts the workload can store the passwords in a centrally protected area. This still can be hacked but at least not stored in plain text file. BR, G On Tue, Jan 18, 2022 at 10:18 AM 狗嗖 <1074768...@qq.com> wrote: Hello, security.ssl.rest.*-password and s3.secret.key are parameters in flink-conf.xml that can only be set with plain text, which may lead to password leak. Can anyone provide some other extended capabilities that allow developers to configure cipher text and specify classes and methods to decrypt it? Like all user needs to do is provide an encrypted password, a class file or JAR package that helps decryption, and place them in flink classpath. Thanks, Jerry
