How to avoid storing passwords for SSL in plain text in GemFire
search cancel

How to avoid storing passwords for SSL in plain text in GemFire

book

Article ID: 293988

calendar_today

Updated On:

Products

VMware Tanzu Gemfire

Issue/Introduction

This article describes how to avoid storing passwords for SSL in plain text in GemFire properties.


Resolution

When using SSL with GemFire passwords can be secured by adding them to gfsecurity.properties. In this case passwords are stored in plain text but the access rights to gfsecurity.properties can be set to narrower group of users than what is used for gemfire.properties. 

Solution

Encrypt the passwords using

gfsh > encrypt password --password=XXXXX

Pass the encrypted passwords this way. For example,

connect --jmx-manager=localhost[1099] --key-store=/path/to/my/keystore --key-store-password=encrypted(C3CDC3485F7FF643D28F62E9B1335749) --trust-store=/path/to/my/truststore --trust-store-password=encrypted(C3CDC3485F7FF643D28F62E9B1335749) --use-ssl

Additional Information

Applies to

GemFire 7 and 8


Powered by Wolken Software