Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consider cleaning up security resources folder at the end of configure.sh #565

Open
leochr opened this issue Nov 10, 2023 · 1 comment
Open

Consider cleaning up security resources folder at the end of configure.sh #565

leochr opened this issue Nov 10, 2023 · 1 comment

Comments

@leochr
Copy link
Member

leochr commented Nov 10, 2023

The configure.sh script starts and stops the server. This produces artifacts in /output/resources/security/ including keystore, truststore and ltpa key if appSecurity feature is enabled. Including these with the container images could be a security issue. Consider deleting these resources. Would it have impact on java cache (SCC) and impact server startup?
@tjwatson
Copy link
Member

Would it have impact on java cache (SCC) and impact server startup?

The /output/resources/security folder should have nothing to do with the SCC. But it will impact container startup because when this directory is created it is because there is no configured certificate for SSL so each container image startup the certificate will have to be regenerated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tjwatson @leochr