SSL Support
Reported by Deleted User | December 1st, 2010 @ 04:34 PM | in Rundeck 1.0
The following five configuration options need to be exposed.
- keystore location (launcher: RDECK_BASE/etc/keystore, RPM: -Drundeck.keystore)
- keystore password (launcher: admin, RPM -Drundeck.keystore.password)
- key password (launcher: admin, RPM -Drundeck.key.password)
- truststore location (launcher: RDECK_BASE/etc/truststore, RPM: -Drundeck.truststore)
- turststore password (launcher: admin, RPM -Drundeck.truststore.password)
The tools need to be able to consume this information and connect over ssl.
Comments and changes to this ticket
-
Greg Schueler December 1st, 2010 @ 05:31 PM
- Assigned user set to “Greg Schueler”
-
Greg Schueler December 1st, 2010 @ 05:31 PM
The client profile needs to point to the truststore as well to enable access over SSL
-
Deleted User December 1st, 2010 @ 11:30 PM
Probably doesn't make sense to have the passwords as system defines since they'll show up in the process list. It appears that Jetty will prompt for a password if a value is not provided.
Likely need a credentials file that is read by Rundeck.
-
Greg Schueler December 2nd, 2010 @ 09:37 AM
yes, probably bad to include passwords in plain view!
launcher will be launched with: -Drundeck.ssl.config=ssl.properties to specify properties file with config info.
A template will be expanded as $RDECK_BASE/server/config/ssl.properties at launcher expand-config time:
keystore=${rdeck.base}/etc/keystore keystore.password=admin key.password=admin truststore=${rdeck.base}/etc/keystore truststore.password=admin -
Deleted User December 2nd, 2010 @ 02:45 PM
- Tag changed from “security, ssl” to “@needsdocumentation, security, ssl”
- State changed from “new” to “resolved”
(from [3dffab658fa7cd065a2f1122dc533b8c1a163e0b]) Update test script to enable testing ssl
[#104 state:resolved tagged:@needsdocumentation] https://github.com/dtolabs/rundeck/commit/3dffab658fa7cd065a2f1122d...
-
Greg Schueler December 2nd, 2010 @ 02:54 PM
- Tag changed from “@needsdocumentation, security, ssl” to “needs documentation, security, ssl”
Documentation for SSL configuration is here: https://gist.github.com/725741
should be incorporated into docs dir
Please Sign in or create a free account to add a new ticket.
With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.
Create new ticket
Create your profile
Help contribute to this project by taking a few moments to create your personal profile. Create your profile ยป
(DEPRECATED) Please use github issues for issue tracking at http://github.com/dtolabs/rundeck/issues
Greg Schueler
