Bug 577239

Summary: RFE : Obfuscation of comm/ssl passwords in rhq-server.properties
Product: [Other] RHQ Project Reporter: Jay Shaughnessy <jshaughn>
Component: Communications SubsystemAssignee: RHQ Project Maintainer <rhq-maint>
Status: CLOSED DUPLICATE QA Contact: Mike Foley <mfoley>
Severity: low Docs Contact:
Priority: low    
Version: 1.4CC: mazz
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2014-05-28 12:00:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1070262    

Description Jay Shaughnessy 2010-03-26 14:40:48 UTC 
Customer request to add obfuscation for the comm and ssl passwords in rhq-server.properties.

Note, rhq-db password obfuscation is already being implemented. See https://bugzilla.redhat.com/show_bug.cgi?id=535601.
Comment 1 Jay Shaughnessy 2010-03-26 14:43:18 UTC 
10:32:34 AM) mazz: for the record, that would require some amount of non-trivial work to get the obfuscated keystore/truststore passwords into the rhq comm layer
(10:33:12 AM) mazz: at the very least, we'd have to have some kind of "salt" inside the comm java code like we have in the license stuff


Also, note the following about Tomcat and AS embedded Tomcat

"BTW: looks like jboss added this obfuscation feature to the embedded tomcat connector config

http://community.jboss.org/wiki/EncryptKeystorePasswordInTomcatConnector

so while tomcat doesn't support it, jboss does (for the tomcat it embeds)"
Comment 2 Jay Shaughnessy 2014-05-28 01:30:43 UTC 
Mazz, anything pending here or can we close this?
Comment 3 John Mazzitelli 2014-05-28 12:00:34 UTC 

*** This bug has been marked as a duplicate of bug 1070262 ***