[jboss-dev-forums] [JBoss AS 7 Development] - Re: JBoss AS 7.1.1.Final Vault HornetQ Windows/Linux

[Doug Martin]

Doug Martin [https://community.jboss.org/people/doug.j.martin] created the discussion

"Re: JBoss AS 7.1.1.Final Vault HornetQ Windows/Linux"

To view the discussion, visit: https://community.jboss.org/message/758111#758111

--------------------------------------------------------------
Following are the config snippets I'm currently testing with:

<vault>
  <vault-option name="KEYSTORE_URL" value="vault.ks"/>
  <vault-option name="KEYSTORE_PASSWORD" value="MASK-XYZ"/>
  <vault-option name="KEYSTORE_ALIAS" value="vault"/>
  <vault-option name="SALT" value="12345678"/>
  <vault-option name="ITERATION_COUNT" value="50"/>
  <vault-option name="ENC_FILE_DIR" value="\vault\\"/>
</vault>

 ...

<netty-acceptor name="netty-ssl-acceptor" socket-binding="messaging">
  <param key="ssl-enabled" value="true"/>
  <param key="key-store-path" value="server.ks"/>
  <param key="key-store-password" value="${VAULT::XXX::password::XYZ}"/>
  <param key="trust-store-path" value="server.ts"/>
  <param key="trust-store-password" value="${VAULT::XXX::password::XYZ}"/>
</netty-acceptor>

Does anything jump out here are being incorrect?

We have a security audit looming and we certainly aren't going to pass with cleartext passwords in the config file. Any advice would be greatly appreciated.

Thanks,

Doug
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/758111#758111]

Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20120905/281cd9d4/attachment.html