Home Explore Help
Sign In
apache
/
hadoop
mirror of https://github.com/apache/hadoop.git
2
0
Fork 1
Files Issues 0 Wiki
Browse Source

HADOOP-14095. Document caveats about the default JavaKeyStoreProvider in KMS.

(cherry picked from commit d7ecac379a02876919d3e6081d42f0937f54e664)

Conflicts:
	hadoop-common-project/hadoop-kms/src/site/markdown/index.md.vm
Xiao Chen 7 years ago
parent
e84d508c1b
commit
78d6dd414a
1 changed files with 2 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      hadoop-common-project/hadoop-kms/src/site/markdown/index.md.vm

+ 2 - 0
hadoop-common-project/hadoop-kms/src/site/markdown/index.md.vm
View File 

@@ -71,6 +71,8 @@ The password file is looked up in the Hadoop's configuration directory via the c
 
 
 NOTE: You need to restart the KMS for the configuration changes to take effect.
 
 
+NOTE: The KMS server can choose any `KeyProvider` implementation as the backing provider. The example here uses a JavaKeyStoreProvider, which should only be used for experimental purposes and never be used in production. For detailed usage and caveats of JavaKeyStoreProvider, please see [Keystore Passwords section of the Credential Provider API](../hadoop-project-dist/hadoop-common/CredentialProviderAPI.html#Keystore_Passwords).
 
+
 
 $H3 KMS Cache
 
 
 KMS has two kinds of caching: a CachingKeyProvider for caching the encryption keys, and a KeyProvider for caching the EEKs.