Uploaded image for project: 'Solr'
  1. Solr
  2. SOLR-11678

SSL not working if store and key passwords are different

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 6.6.2
    • None
    • security
    • None

    Description

      If I specify different passwords for store and key then Solr fails to read certificate from JKS file with the below error.

      Example:
      SOLR_SSL_KEY_STORE_PASSWORD: "secret1"
      SOLR_SSL_TRUST_STORE_PASSWORD: "secret2"

      If I set the same password for both - it works just fine.

      Tested with the docker image 6.6.2 available here https://hub.docker.com/_/solr/

      I don't know whether this is JAVA nuance or Solr implementation issue but from security point of view there there is no point to have the same password assigned for both the key store and private key bound to specific certificate.

      Expected behaviour: It should allow to specify different passwords.

      Attachments

        Activity

          People

            Unassigned Unassigned
            Constantin Bugneac Constantin Bugneac
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: