View Issue Details

IDProjectCategoryView StatusLast Update
0002568SymmetricDSImprovementpublic2016-05-23 13:00
ReporterelongAssigned Toelong 
PrioritynormalSeverityminorReproducibilityN/A
Status closedResolutionfixed 
Product Version3.7.0 
Target Version3.7.33Fixed in Version3.7.33 
Summary0002568: Protect keystore password
DescriptionEncrypt or obfuscate the keystore password to protect it from casual observation. It is currently set in conf/sym_service.conf like this:

wrapper.java.additional.18=-Djavax.net.ssl.keyStorePassword=changeit

Jetty has a Password utility for encryption:

http://www.eclipse.org/jetty/documentation/9.2.6.v20141205/configuring-ssl.html

If we want to support other deployments, we probably need our own obfuscation utility or way to protect the keystore password.
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Related Changesets

SymmetricDS: 3.7 dd486e84

2016-04-19 10:11:34

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-client/src/main/java/org/jumpmind/symmetric/SymmetricAdmin.java Diff File
mod - symmetric-client/src/main/resources/symmetric-messages.properties Diff File
mod - symmetric-util/src/main/java/org/jumpmind/security/ISecurityService.java Diff File
mod - symmetric-util/src/main/java/org/jumpmind/security/SecurityConstants.java Diff File
mod - symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java Diff File

SymmetricDS: 3.8 38c42f59

2016-04-19 10:59:16

admin

Details Diff
0002568: Protect keystore password
allow engine to come up with defaults in order to get security service

0002568
mod - symmetric-core/src/main/resources/symmetric-default.properties Diff File

SymmetricDS: 3.8 2ed03273

2016-04-19 11:00:09

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-client/src/main/java/org/jumpmind/symmetric/SymmetricAdmin.java Diff File

SymmetricDS: 3.7 288bc3fe

2016-04-19 12:58:35

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-util/src/main/java/org/jumpmind/security/SecurityService.java Diff File

SymmetricDS: 3.7 95e75e57

2016-04-19 13:03:21

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-server/src/main/deploy/conf/sym_service.conf Diff File

SymmetricDS: 3.7 ad47f6a0

2016-04-19 13:15:52

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-assemble/src/asciidoc/advanced-topics.ad Diff File
mod - symmetric-server/src/main/deploy/bin/setenv Diff File
mod - symmetric-server/src/main/deploy/bin/setenv.bat Diff File

SymmetricDS: 3.7 54550358

2016-04-19 16:25:17

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-assemble/src/asciidoc/advanced-topics.ad Diff File

SymmetricDS: 3.8 edd1da13

2016-05-23 11:04:32

admin

Details Diff
0002568: Protect keystore password
0002568
mod - symmetric-server/src/main/deploy/conf/sym_service.conf Diff File

Issue History

Date Modified Username Field Change
2016-04-19 08:51 elong New Issue
2016-04-19 08:51 elong Status new => assigned
2016-04-19 08:51 elong Assigned To => elong
2016-04-19 11:00 admin Changeset attached => SymmetricDS 3.7 dd486e84
2016-04-19 13:00 admin Changeset attached => SymmetricDS 3.7 288bc3fe
2016-04-19 14:00 admin Changeset attached => SymmetricDS 3.7 ad47f6a0
2016-04-19 14:00 admin Changeset attached => SymmetricDS 3.7 95e75e57
2016-04-19 17:00 admin Changeset attached => SymmetricDS 3.7 54550358
2016-04-19 20:01 elong Status assigned => resolved
2016-04-19 20:01 elong Fixed in Version => 3.7.33
2016-04-19 20:01 elong Resolution open => fixed
2016-04-28 10:01 admin Changeset attached => SymmetricDS 3.8 2ed03273
2016-04-28 10:01 admin Changeset attached => SymmetricDS 3.8 38c42f59
2016-05-17 13:01 chenson Status resolved => closed
2016-05-23 13:00 admin Changeset attached => SymmetricDS 3.8 edd1da13