Loading...

XML

Word

Printable

Details

Type: Improvement
Resolution: Fixed
Priority: Major
Fix Version/s: 3.5.0, 2.15.0
Affects Version/s: 3.1.0, 2.14.21
Component/s: Bootstrap
Labels:
- supportant

Release Note:

Yes

Description

jetty-https.xml contains

<Set name="KeyStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
    <Set name="KeyStorePassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>
    <Set name="KeyManagerPassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>
    <Set name="TrustStorePath"><Property name="ssl.etc"/>/keystore.jks</Set>
    <Set name="TrustStorePassword">OBF:1v2j1uum1xtv1zej1zer1xtn1uvk1v1v</Set>

Users don't understand what these OBF values translate to.

Users don't understand they can simply type plain text passwords there.

Users don't understand how to obfuscate passwords even if they want to obfuscate passwords.

Expected

change the default values in that file to literally ~~'changeit'~~ password - ~~which is the default password of the of the cacerts truststore file - this will make it work if the user starts with a copy of that file~~ this is simply the plain text version of the OBF value that customers may already be using - this avoids any potential regressions if they are using the default value
clarify in the documentation examples ( if any ) ~~the use of 'changeit' instead of some other value~~
clarify in the documentation how to generate an OBF password if needed, using the files that ship with Nexus

Attachments

Activity

People

Assignee:: Frederick Milens [X] (Inactive)

Reporter:: Peter Lynch

Last Updated By:: Peter Lynch

Team:: Nexus - Core

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 12/07/16 10:31 PM

Updated:: 02/18/22 12:17 PM

Resolved:: 07/25/17 10:00 PM

Date of First Response:: 07/Feb/17 7:17 PM

jetty-https.xml obfuscated keystore truststore password values are confusing