tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Need to Specify keystorePass on Command Line
Date Fri, 08 Feb 2013 21:47:37 GMT
On 08/02/2013 16:11, Caldarale, Charles R wrote:
>> From: Harris, Jeffrey E. [mailto:Jeffrey.Harris@ManTech.com] 
>> Subject: RE: Need to Specify keystorePass on Command Line
> 
>> First, I cannot store the password ANYWHERE on the system, which is why 
>> it needs to be entered on the command line.
> 
> Then you can't run Tomcat as a service - there is no command line.  It's my understanding
that all parameters for a service must be available in the registry or elsewhere in the file
system prior to starting the service.
> 
> Consider running Tomcat from the .bat scripts instead, in which case you can pass arbitrary
parameters, but you will need to do this from a logged-in account.

But bear in mind that setting the password as -Dblah=password may still
expose the password to other processes able to read the startup
parameters of that process.

Which IMHO is less secure than putting the password in a file with
permissions such that only the Tomcat user can read it...


p

>  - Chuck
> 
> 
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and
is thus for use only by the intended recipient. If you received this in error, please contact
the sender and delete the e-mail and its attachments from all computers.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 


-- 

[key:62590808]

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message