Consider cleaning up security resources folder at the end of configure.sh

Question

Consider cleaning up security resources folder at the end of configure.sh

Opened this issue 10 months ago · 1 comments

The configure.sh script starts and stops the server. This produces artifacts in /output/resources/security/ including keystore, truststore and ltpa key if appSecurity feature is enabled. Including these with the container images could be a security issue. Consider deleting these resources. Would it have impact on java cache (SCC) and impact server startup?

Answer 1 · 2023-11-13T14:13:03.000Z

Would it have impact on java cache (SCC) and impact server startup?

The /output/resources/security folder should have nothing to do with the SCC. But it will impact container startup because when this directory is created it is because there is no configured certificate for SSL so each container image startup the certificate will have to be regenerated.