encryption for SSL-related passwords once we enable HTTPS in solr 8.6.2

Phatkar, Swapnil (Contractor)
Hi Team,

We are using Solr 8.6.2 for our application. We have enabled HTTPS for it. We have to set the following parameters for it:

SOLR_SSL_KEY_STORE
SOLR_SSL_KEY_STORE_PASSWORD
SOLR_SSL_TRUST_STORE
SOLR_SSL_TRUST_STORE_PASSWORD

We need to set the values of SOLR_SSL_KEY_STORE_PASSWORD and SOLR_SSL_TRUST_STORE_PASSWORD as encrypted values.
Please suggest how we can do this and how the values will be read (decrypted) by Solr?

Thanks
Swapnil Phatkar
9167320216

Re: encryption for SSL-related passwords once we enable HTTPS in solr 8.6.2

Jan Høydahl / Cominvent
I believe keystores are pluggable in Java, such as one delegating to Windows keychain, but I don't think they are in Solr. A simple solution would perhaps be a way to supply a password-file instead of a sysprop but it would require code changes to Solr.

Jan

> 10. jun. 2021 kl. 09:29 skrev Phatkar, Swapnil (Contractor) <[hidden email]>:
>
> Hi Team,
>
> We are using Solr 8.6.2 for our application. We have enabled HTTPS for it. We have to set the following parameters for it:
>
> SOLR_SSL_KEY_STORE
> SOLR_SSL_KEY_STORE_PASSWORD
> SOLR_SSL_TRUST_STORE
> SOLR_SSL_TRUST_STORE_PASSWORD
>
> We need to set the values of SOLR_SSL_KEY_STORE_PASSWORD and SOLR_SSL_TRUST_STORE_PASSWORD as encrypted values.
> Please suggest how we can do this and how the values will be read (decrypted) by Solr?
>
> Thanks
> Swapnil Phatkar
> 9167320216


Re: encryption for SSL-related passwords once we enable HTTPS in solr 8.6.2

Mark H. Wood
On Thu, Jun 10, 2021 at 07:29:56AM +0000, Phatkar, Swapnil (Contractor) wrote:
> We are using Solr 8.6.2 for our application. We have enabled HTTPS for it. We have to set the following parameters for it:
>
> SOLR_SSL_KEY_STORE
> SOLR_SSL_KEY_STORE_PASSWORD
> SOLR_SSL_TRUST_STORE
> SOLR_SSL_TRUST_STORE_PASSWORD
>
> We need to set the values of SOLR_SSL_KEY_STORE_PASSWORD and SOLR_SSL_TRUST_STORE_PASSWORD as encrypted values.
> Please suggest how we can do this and how the values will be read (decrypted) by Solr?

A lot of people think that they want to do this.  Unfortunately it
always leads to an infinite regression:  the only way for Solr to
decrypt an encrypted password would be to give Solr the decryption
key.  But the decryption key is itself sensitive information that
should be encrypted, requiring a decryption key for the decryption
key....

There are two ways out of this trap:

1:  do your best to keep unauthorized people away from the UNencrypted
    store passwords and accept the small risk that your best will some
    day not be good enough.  Usually it is not difficult to use
    ordinary filesystem protections to make these data "secure enough".

2:  write the startup process to require that a trusted operator enter
    the passwords at the console before Solr is started, so that they
    are never stored on the system in any form.

You haven't described your threat model, so I can't advise which is
best for you.  I can say that I have never yet found it necessary to
choose option 2.

--
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
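The two ways out that Mark describes, and the password-file idea Jan mentions, can all be done in a start wrapper without any change to Solr itself. The script below is an added example and is not Solr's bin/solr, nor code from either poster. Option 1: each password lives in a file that only the Solr service account can read, and the wrapper refuses to use a file whose mode or owner would let anyone else read it. Option 2: if no file exists, a trusted operator types the password on the console and nothing is ever written to disk. The paths SOLR_HOME, KEYSTORE_PW_FILE and TRUSTSTORE_PW_FILE are assumptions for illustration.

```shell
#!/bin/sh
# Start wrapper for Solr 8.x that obtains the keystore and truststore
# passwords at start time instead of hard-coding them in solr.in.sh.
# Added example, not Solr's own script.  Assumed paths (change for your
# installation):
SOLR_HOME=${SOLR_HOME:-/opt/solr}
KEYSTORE_PW_FILE=${KEYSTORE_PW_FILE:-/etc/solr/keystore.pw}
TRUSTSTORE_PW_FILE=${TRUSTSTORE_PW_FILE:-/etc/solr/truststore.pw}

# read_secret_file FILE
# Prints the first line of FILE, but only if FILE is a regular file owned
# by the invoking user with no group/other permission bits (0600 or 0400).
# Anything else is refused: a password file readable by other accounts is
# exactly the failure mode option 1 relies on filesystem protection to avoid.
read_secret_file() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "read_secret_file: $f is not a regular file" >&2
        return 1
    fi
    # 'ls -ld' rather than stat(1): stat's flags differ between GNU and BSD.
    perm=$(ls -ld "$f" | cut -c1-10)
    owner=$(ls -ld "$f" | awk '{print $3}')
    case $perm in
        ????------) ;;   # group and other bits all clear
        *) echo "read_secret_file: $f has mode $perm; chmod 600 it" >&2; return 1 ;;
    esac
    if [ "$owner" != "$(id -un)" ]; then
        echo "read_secret_file: $f is owned by $owner, not $(id -un)" >&2
        return 1
    fi
    # First line only; tolerate a file with no trailing newline.
    pw=
    IFS= read -r pw < "$f" || true
    if [ -z "$pw" ]; then
        echo "read_secret_file: $f is empty" >&2
        return 1
    fi
    printf '%s\n' "$pw"
}

# get_store_password LABEL FILE
# Option 1 when FILE exists; option 2 (prompt on the controlling terminal,
# echo off) when it does not, so the password is never stored on the host.
get_store_password() {
    label=$1; file=$2
    if [ -e "$file" ]; then
        read_secret_file "$file"
    else
        printf '%s password: ' "$label" > /dev/tty
        stty -echo < /dev/tty
        IFS= read -r pw < /dev/tty
        stty echo < /dev/tty
        printf '\n' > /dev/tty
        printf '%s\n' "$pw"
    fi
}

# start_solr [bin/solr args...]
# Exports the passwords into the environment of the Solr process and execs
# bin/solr so the wrapper does not linger holding them.  Caveat: the 8.x
# bin/solr script turns these variables into -D system properties on the
# java command line, so any local user can still read them with 'ps';
# limiting who can log in to the host matters as much as the file modes.
start_solr() {
    SOLR_SSL_KEY_STORE_PASSWORD=$(get_store_password keystore "$KEYSTORE_PW_FILE") || exit 1
    SOLR_SSL_TRUST_STORE_PASSWORD=$(get_store_password truststore "$TRUSTSTORE_PW_FILE") || exit 1
    export SOLR_SSL_KEY_STORE_PASSWORD SOLR_SSL_TRUST_STORE_PASSWORD
    exec "$SOLR_HOME/bin/solr" start "$@"
}

# Only start Solr when explicitly asked ("./solr-start.sh start"), so the
# functions can also be sourced and checked on their own.
if [ "${1:-}" = start ]; then
    shift
    start_solr "$@"
fi
```

Run it as the Solr service account (for example `./solr-start.sh start -c`); create the password files with `umask 077` so they are never briefly world-readable, and keep them on a filesystem that is not shared with other services. If the operator prompt is used, the passwords have to be re-entered after every reboot, which is the cost Mark alludes to when he says he has never needed option 2.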
