encrypting jks file password in server.xml

kamtaot · May 1, 2023, 1:54am

Hi all,

I am implementing Knime server at my organization and the security team says that the JKS file password and AD Connection password should not be in plain text. In a similar condition (another application running on Apache Tomcat), they put a jar called “tomcat-decrypt.jar” which extends the method mentioned in the connector tag of server.xml. When I did the same, the server is throwing error. Any suggestions on this? I am doing this because of our internal minimum security baseline standard.

ztrubow · May 2, 2023, 8:43pm

Hi @kamtaot ,

Here is an article describing obfuscating the password so it is not in plain text, please let me know if any of these solutions will suffice:

https://cwiki.apache.org/confluence/display/TOMCAT/Password

Thanks,
Zack

kamtaot · May 9, 2023, 9:55am

I exactly followed the steps and cleared the security test. The article was useful. Thank you for pointing me in the right direction.

system · May 16, 2023, 9:56am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.