ambari-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aleksandr Kovalenko (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AMBARI-10825) Missed Support for Wire Encyption
Date Wed, 29 Apr 2015 15:44:06 GMT

    [ https://issues.apache.org/jira/browse/AMBARI-10825?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14519594#comment-14519594
] 

Aleksandr Kovalenko commented on AMBARI-10825:
----------------------------------------------

+1 for the patch

> Missed Support for Wire Encyption
> ---------------------------------
>
>                 Key: AMBARI-10825
>                 URL: https://issues.apache.org/jira/browse/AMBARI-10825
>             Project: Ambari
>          Issue Type: Bug
>          Components: ambari-server
>    Affects Versions: 2.1.0
>            Reporter: Erik Bergenholtz
>            Assignee: Antonenko Alexander
>             Fix For: 2.1.0
>
>         Attachments: AMBARI-10825.patch
>
>
> I noticed the following things that I believe need to get fixed:
> *ssl-client.xml*
> # We're missing the ability to track ssl.client.truststore.password
> # (New Requirement) We're missing the ability to track the following:
> * ssl.client.truststore.password=bigdata
> * ssl.client.truststore.reload.interval=10000
> * ssl.client.keystore.type=jks
> * ssl.client.keystore.location=/etc/security/clientKeys/keystore.jks
> * ssl.client.keystore.password=bigdata
> The additions (New Requirement) to ssl-client.xml is from some discrepancies I've just
noticed between [our documentation|http://docs.hortonworks.com/HDPDocuments/HDP2/HDP-2.2.0/HDP_Security_Guide_v22/index.html#Item1.3.4.4]
and [Apache's|http://hadoop.apache.org/docs/current/hadoop-mapreduce-client/hadoop-mapreduce-client-core/EncryptedShuffle.html].
> *ssl-server.xml*
> # The passwords are in clear text and should be 'password' type input fields for ssl.server.keystore.password,
and ssl.server.keystore.keypassword.
> # We need to add management of ssl.server.truststore.reload.interval with a default value
of 10000 with a tooltip value of: "Truststore reload interval, in milliseconds"
> # We are missing management of the ssl.server.truststore.password 'password' field.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message