Details
-
Story
-
Resolution: Duplicate
-
Major
-
None
-
JBoss A-MQ 6.1
-
None
Description
Currently, there does not appear to be a way to encrypt variables in org.ops4j.pax.web.cfg, specifically the following variables:
- org.ops4j.pax.web.ssl.keypassword
- org.ops4j.pax.web.ssl.password
It appears that Jetty only allows the obfuscation of such passwords (http://wiki.eclipse.org/Jetty/Howto/Secure_Passwords: In some cases such as keystore passwords and digest authentication, the system must retrieve the original password, which requires the obfuscation method.), but this can easily be worked around.