ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dmitry Lysnichenko (JIRA)" <j...@apache.org>
Subject [jira] [Created] (AMBARI-6234) Security issue - private key password show in logs
Date Mon, 23 Jun 2014 11:56:24 GMT
Dmitry Lysnichenko created AMBARI-6234:
------------------------------------------

             Summary: Security issue - private key password show in logs
                 Key: AMBARI-6234
                 URL: https://issues.apache.org/jira/browse/AMBARI-6234
             Project: Ambari
          Issue Type: Bug
          Components: controller
    Affects Versions: 1.6.1
            Reporter: Dmitry Lysnichenko
            Assignee: Dmitry Lysnichenko
            Priority: Critical
             Fix For: 1.6.1


During generating private key and certificates using openssl password of key shown in logs:
{noformat}
11:21:30,735  INFO [main] ShellCommandUtil:44 - Command openssl genrsa -des3 -passout pass:****
-out /var/lib/ambari-server/keys/ca.key 4096  was finished with exit code: 0 - the operation
was completely successfully.
11:21:30,750  INFO [main] ShellCommandUtil:44 - Command openssl req -passin pass:**** -new
-key /var/lib/ambari-server/keys/ca.key -out /var/lib/ambari-server/keys/ca.csr -batch was
finished with exit code: 0 - the operation was completely successfully.
11:21:30,766  INFO [main] ShellCommandUtil:44 - Command open**** ca -create_serial -out /var/lib/ambari-server/keys/ca.crt
-days 365 -keyfile /var/lib/ambari-server/keys/ca.key -key vgGAzzSaCPkI3F7UU7qZZY6CahDUTSnY7B9a8TH0YiGDB10LdJ
-selfsign -extensions jdk7_ca -config /var/lib/ambari-server/keys/ca.config -batch -infiles
/var/lib/ambari-server/keys/ca.csr was finished with exit code: 0 - the operation was completely
successfully.
11:21:30,773  INFO [main] ShellCommandUtil:44 - Command openssl pkcs12 -export -in /var/lib/ambari-server/keys/ca.crt
-inkey /var/lib/ambari-server/keys/ca.key -certfile /var/lib/ambari-server/keys/ca.crt -out
/var/lib/ambari-server/keys/keystore.p12 -password pass:**** -passin pass:**** 
{noformat}
see  "-key vgGAzzSaCPkI3F7UU7qZZY6CahDUTSnY7B9a8TH0YiGDB10LdJ"



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message