Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

javax.net.ssl.trustStorePassword with encrypted password?

 
Stefan Renemeister
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've set a truststore and it's password as a system property for my (IBM) JVM. Yes, WebSphere indeed.
Unfortunately, I haven't seen ways of setting my password encrypted. As all system props, their definition (and values!) show when dumping process output, exposing my password in plain text.
I don't like that. I'm sure I'm not the only one.
Can anyone enlighten me how I can set my password encrypted?

Current systemprops:
javax.net.ssl.trustStore=/location/of/truststore.jks
javax.net.ssl.trustStorePassword=password

Thank you in advance!
 
kri shan
Ranch Hand
Posts: 1460
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You need to store it in secure place and retrieve / Write some encryption/decryption algorithm to store and retrieve..
 
Stefan Renemeister
Greenhorn
Posts: 13
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I know, but unfortunately that's not possible right now (requires application modification, which is in the current phase of the project not applicable).
I really look for a way to avoid displaying the truststore password in plain text. Anyone?
 
Richard Tookey
Bartender
Posts: 1166
17
Java Linux Netbeans IDE
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I think I must be missing something. Assuming that one could encrypt the password then for it to be usable within the program the encryption key would need to be available to your program to decrypt the password so to be secure the encryption key would itself need to be encrypted! Of course this recursive encryption requirement extends to infinity.

 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic