Production environment passwords and configuration need to be secured
We currently have a number of services configured to use fairly insecure passwords, and some are checked into SVN for the development environments. These include:
Metacat - admin DN, admin password
OpenLDAP - admin DN and password
Java keystore - passphrase
PostgreSQL - admin user and password
Hazelcast Storage cluster - group name and password
Hazelcast Process cluster - group name and password
Hazelcast Portal cluster - group name and password
likely others ...
We need a secure location for these settings, and values need to be manually overridden in the production environment deployments.
#2 Updated by Chris Jones over 11 years ago
- Status changed from New to In Progress
- Milestone changed from CCI-1.0.2 to CCI-1.0.3
Most components have been changed except for Hazelcast and the node approval tool. Moving this to CCI 1.0.3 for these changes since we have manual workarounds for both of these issues.