Pivotal Knowledge Base

Follow

How to avoid storing passwords for SSL in plain text in GemFire

Applies to

GemFire 7 and 8

Purpose

Describe how to avoid storing passwords for SSL in plain text in GemFire properties.

Description

When using SSL with GemFire passwords can be secured by adding them to gfsecurity.properties. In this case passwords are stored in plain text but the access rights to gfsecurity.properties can be set to narrower group of users than what is used for gemfire.properties. 

Solution

Encrypt the passwords using

gfsh > encrypt password --password=XXXXX

Pass the encrypted passwords this way. For example,

connect --jmx-manager=localhost[1099] --key-store=/path/to/my/keystore --key-store-password=encrypted(C3CDC3485F7FF643D28F62E9B1335749) --trust-store=/path/to/my/truststore --trust-store-password=encrypted(C3CDC3485F7FF643D28F62E9B1335749) --use-ssl

Comments

Powered by Zendesk