Re: JKS keystore password Encryption

2014-08-15 Thread André Warnier
Mark Thomas wrote: On 14/08/2014 15:46, George Sexton wrote: On 8/14/2014 8:33 AM, Mark Thomas wrote: On 14/08/2014 15:10, George Sexton wrote: graph. Can you help me understand why tomcat doesn't take the approach of Apache httpd which is to ask the user for the decryption key at startup time

Re: JKS keystore password Encryption

2014-08-14 Thread Mark Thomas
On 14/08/2014 15:46, George Sexton wrote: > > On 8/14/2014 8:33 AM, Mark Thomas wrote: >> On 14/08/2014 15:10, George Sexton wrote: >>> graph. >>> Can you help me understand why tomcat doesn't take the approach of >>> Apache httpd which is to ask the user for the decryption key at startup >>> time

Re: JKS keystore password Encryption

2014-08-14 Thread George Sexton
On 8/14/2014 8:33 AM, Mark Thomas wrote: On 14/08/2014 15:10, George Sexton wrote: graph. Can you help me understand why tomcat doesn't take the approach of Apache httpd which is to ask the user for the decryption key at startup time? Because it is largely a waste of time. Anyone with root on

Re: JKS keystore password Encryption

2014-08-14 Thread David kerber
On 8/14/2014 10:33 AM, Mark Thomas wrote: On 14/08/2014 15:10, George Sexton wrote: On 8/4/2014 8:17 AM, André Warnier wrote: Sanaullah wrote: Hi, is there a way i ca replace plain JKS keystore password with encrypted password in tomcat server.xml? This kind of question comes regularly on

Re: JKS keystore password Encryption

2014-08-14 Thread Mark Thomas
On 14/08/2014 15:10, George Sexton wrote: > > On 8/4/2014 8:17 AM, André Warnier wrote: >> Sanaullah wrote: >>> Hi, >>> >>> is there a way i ca replace plain JKS keystore password with encrypted >>> password in tomcat server.xml? >>> >> >> This kind of question comes regularly on this list, I woul

Re: JKS keystore password Encryption

2014-08-14 Thread George Sexton
On 8/4/2014 8:17 AM, André Warnier wrote: Sanaullah wrote: Hi, is there a way i ca replace plain JKS keystore password with encrypted password in tomcat server.xml? This kind of question comes regularly on this list, I would say 2 or 3 times each year. Searching the list archives (mentione

Re: JKS keystore password Encryption

2014-08-05 Thread Sanaullah
Hi Chris, I don't want to pass the audit. I am just curious why Jboss implemented that ? and whats the purpose of SRP protocol implementation just to pass the audit? [1] https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/6.2/html-single/Development_Guide/#sect-Sec

Re: JKS keystore password Encryption

2014-08-05 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sanaullah, On 8/4/14, 9:19 PM, Sanaullah wrote: > Thanks to all. > > I was looking something similar to this [1] which is implemented in > JBoss. > > [1] > https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html

Re: JKS keystore password Encryption

2014-08-05 Thread John Smith
> > You may find Wiki also useful: > > http://wiki.apache.org/tomcat/FAQ/Password > > -Ognjen "Write your own datasource implementation which wraps your datasource and obscure your brains out (XOR and ROT13 are great

Re: JKS keystore password Encryption

2014-08-04 Thread Sanaullah
Thanks to all. I was looking something similar to this [1] which is implemented in JBoss. [1] https://access.redhat.com/documentation/en-US/JBoss_Enterprise_Application_Platform/5/html/Security_Guide/Encrypting_The_Keystore_Password_In_Tomcat.html On Tue, Aug 5, 2014 at 3:43 AM, Ognjen Blagoje

Re: JKS keystore password Encryption

2014-08-04 Thread Ognjen Blagojevic
Sanaullah, On 4.8.2014 17:26, Sanaullah wrote: I will also search the archive as well. You may find Wiki also useful: http://wiki.apache.org/tomcat/FAQ/Password -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.a

Re: JKS keystore password Encryption

2014-08-04 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Sanaullah, On 8/4/14, 9:43 AM, Sanaullah wrote: > is there a way i ca replace plain JKS keystore password with > encrypted password in tomcat server.xml? http://wiki.apache.org/tomcat/FAQ/Password - -chris -BEGIN PGP SIGNATURE- Version: Gn

Re: JKS keystore password Encryption

2014-08-04 Thread Sanaullah
Thanks Andre and Ulises. I will also search the archive as well. Regards, Sanaullah On Mon, Aug 4, 2014 at 8:07 PM, Ulises González Horta wrote: > On Mon 04 Aug 2014 09:17:47 André Warnier escribió: > > And if someone non-authorized has access to Tomcat's server.xml, then you > > have bigger

Re: JKS keystore password Encryption

2014-08-04 Thread Ulises González Horta
On Mon 04 Aug 2014 09:17:47 André Warnier escribió: > And if someone non-authorized has access to Tomcat's server.xml, then you > have bigger problems than a non-encrypted password. Maybe the best solution could be put the right permission to sever.xml and do not give the root password to other

Re: JKS keystore password Encryption

2014-08-04 Thread André Warnier
Sanaullah wrote: Hi, is there a way i ca replace plain JKS keystore password with encrypted password in tomcat server.xml? This kind of question comes regularly on this list, I would say 2 or 3 times each year. Searching the list archives (mentioned in the superb on-line Tomcat documentation

JKS keystore password Encryption

2014-08-04 Thread Sanaullah
Hi, is there a way i ca replace plain JKS keystore password with encrypted password in tomcat server.xml? Regards, Sanaullah