[BUG] DefaultConfigurationController.initializeSecuritySettings writes the keystore unnecessarily #5467
Labels
bug
Something isn't working
Comments
jonbartels
added a commit
to jonbartels/connect
that referenced
this issue
May 6, 2023
|
I am playing with this at https://github.com/jonbartels/connect/tree/5467-keytore-avoid-writes I don't even know if it compiles yet. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
connect/server/src/com/mirth/connect/server/controllers/DefaultConfigurationController.java
Line 1154 in 0974c6a
The keystore file is opened, checked for existing keypairs, has new keypairs generated if needed, then it is ALWAYS rewritten on line
connect/server/src/com/mirth/connect/server/controllers/DefaultConfigurationController.java
Line 1208 in 0974c6a
To Reproduce
mirthconnectaliasExpected behavior
If the keystore DOES NOT need any keypairs generated or added, it should not be written.
Actual behavior
If keystore.jks is not actually changed by Mirth Connect, it should never be written to.
Workaround(s)
No practical workarounds. Maybe a plugin could override the ConfigurationController implementation?
Additional context
This is important for security best-practices - If MC didn't needlessly write to the keystore then the file could be set read-only by the filesystem.
Many modern deployments will load the keystore from a secrets-store (Hashicorp Vault, Docker, k8s secrets, etc.) and loading it read-only is better for those systems.
The text was updated successfully, but these errors were encountered: