Doug Martin [
https://community.jboss.org/people/doug.j.martin] created the discussion
"Re: JBoss AS 7.1.1.Final Vault HornetQ Windows/Linux"
To view the discussion, visit:
https://community.jboss.org/message/758111#758111
--------------------------------------------------------------
Following are the config snippets I'm currently testing with:
<vault>
<vault-option name="KEYSTORE_URL" value="vault.ks"/>
<vault-option name="KEYSTORE_PASSWORD" value="MASK-XYZ"/>
<vault-option name="KEYSTORE_ALIAS" value="vault"/>
<vault-option name="SALT" value="12345678"/>
<vault-option name="ITERATION_COUNT" value="50"/>
<vault-option name="ENC_FILE_DIR" value="\vault\\"/>
</vault>
...
<netty-acceptor name="netty-ssl-acceptor"
socket-binding="messaging">
<param key="ssl-enabled" value="true"/>
<param key="key-store-path" value="server.ks"/>
<param key="key-store-password"
value="${VAULT::XXX::password::XYZ}"/>
<param key="trust-store-path" value="server.ts"/>
<param key="trust-store-password"
value="${VAULT::XXX::password::XYZ}"/>
</netty-acceptor>
Does anything jump out here are being incorrect?
We have a security audit looming and we certainly aren't going to pass with cleartext
passwords in the config file. Any advice would be greatly appreciated.
Thanks,
Doug
--------------------------------------------------------------
Reply to this message by going to Community
[
https://community.jboss.org/message/758111#758111]
Start a new discussion in JBoss AS 7 Development at Community
[
https://community.jboss.org/choose-container!input.jspa?contentType=1&...]