[
https://issues.apache.org/jira/browse/SOLR-14605?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
calm cloudy updated SOLR-14605:
-------------------------------
Description:
solr + tomcat with https , we config keystore in two tomcat file :
*server.xml :*
<Connector port="xxx" address="xxx"
protocol="org.apache.coyote.http11.Http11NioProtocol"
.................
keystoreFile="/xxx.keystore"
keystorePass="{color:#ff0000}password{color}"
truststoreFile="/xxx.keystore"
truststorePass="{color:#ff0000}password{color}" />
*catalina.properties :*
javax.net.ssl.keyStore=/xxx.keystore
javax.net.ssl.keyStorePassword="{color:#ff0000}password{color}"
javax.net.ssl.trustStore=/xxx.keystore
javax.net.ssl.trustStorePassword="{color:#ff0000}password{color}"
the problem is the {color:#ff0000}password {color:#172b4d}above is cleartext
, it's not secure , we need{color} encrypt the password{color:#172b4d} ,then
store them{color}{color}
So, we need solution such as plugin interface function that make sure
solr can load the {color:#de350b}encryption password {color}
anyone has idea to resolve it ? thanks
was:
solr + tomcat with https , we config keystore in two tomcat file :
*server.xml :*
<Connector port="xxx" address="xxx"
protocol="org.apache.coyote.http11.Http11NioProtocol"
.................
keystoreFile="/xxx.keystore"
keystorePass="{color:#FF0000}password{color}"
truststoreFile="/xxx.keystore"
truststorePass="{color:#FF0000}password{color}" />
*catalina.properties :*
javax.net.ssl.keyStore=/xxx.keystore
javax.net.ssl.keyStorePassword="{color:#FF0000}password{color}"
javax.net.ssl.trustStore=/xxx.keystore
javax.net.ssl.trustStorePassword="{color:#FF0000}password{color}"
the problem is the {color:#FF0000}password {color:#172b4d}above is cleartext
, it's not secure , we need encrypt the {color:#de350b}password
{color:#172b4d},then store them{color}{color}{color}{color}
So, we need solution such as plugin interface function that can load the
encryption password
anyone has ideato resolve it ? thanks
> use https need encrypt keystorePass
> ------------------------------------
>
> Key: SOLR-14605
> URL: https://issues.apache.org/jira/browse/SOLR-14605
> Project: Solr
> Issue Type: Wish
> Security Level: Public(Default Security Level. Issues are Public)
> Reporter: calm cloudy
> Priority: Major
>
> solr + tomcat with https , we config keystore in two tomcat file :
> *server.xml :*
> <Connector port="xxx" address="xxx"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> .................
> keystoreFile="/xxx.keystore"
> keystorePass="{color:#ff0000}password{color}"
> truststoreFile="/xxx.keystore"
> truststorePass="{color:#ff0000}password{color}" />
> *catalina.properties :*
> javax.net.ssl.keyStore=/xxx.keystore
> javax.net.ssl.keyStorePassword="{color:#ff0000}password{color}"
> javax.net.ssl.trustStore=/xxx.keystore
> javax.net.ssl.trustStorePassword="{color:#ff0000}password{color}"
>
> the problem is the {color:#ff0000}password {color:#172b4d}above is
> cleartext , it's not secure , we need{color} encrypt the
> password{color:#172b4d} ,then store them{color}{color}
> So, we need solution such as plugin interface function that make sure
> solr can load the {color:#de350b}encryption password {color}
> anyone has idea to resolve it ? thanks
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@lucene.apache.org
For additional commands, e-mail: issues-h...@lucene.apache.org
