As with the acceptor and connector environment variables that are being used to pass arguments to the broker creation in the container image, with the console if sslEnabled: true then keystore and truststore passwords are included. These should not be in the clear as they are now and an update should be made to store the console args in a secret as done for acceptors and connectors via ENTMQBR-2827.