CLOUDSTACK-9023 filtering privatekey info from logging

api/src/org/apache/cloudstack/api/command/admin/resource/UploadCustomCertificateCmd.java

@@ -32,7 +32,7 @@ import com.cloud.user.Account;
 @APICommand(name = "uploadCustomCertificate",
             responseObject = CustomCertificateResponse.class,
             description = "Uploads a custom certificate for the console proxy VMs to use for SSL. Can be used to upload a single certificate signed by a known CA. Can also be used, through multiple calls, to upload a chain of certificates from CA to the custom certificate itself.",
-            requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
+            requestHasSensitiveInfo = true, responseHasSensitiveInfo = false)
 public class UploadCustomCertificateCmd extends BaseAsyncCmd {
     public static final Logger s_logger = Logger.getLogger(UploadCustomCertificateCmd.class.getName());
 

utils/src/main/java/com/cloud/utils/StringUtils.java

@@ -186,7 +186,7 @@ public class StringUtils {
     private static final Pattern REGEX_PASSWORD_QUERYSTRING = Pattern.compile("(&|%26)?[^(&|%26)]*((p|P)assword|accesskey|secretkey)(=|%3D).*?(?=(%26|[&'\"]|$))");
 
     // removes a password/accesskey/ property from a response json object
-    private static final Pattern REGEX_PASSWORD_JSON = Pattern.compile("\"((p|P)assword|accesskey|secretkey)\":\\s?\".*?\",?");
+    private static final Pattern REGEX_PASSWORD_JSON = Pattern.compile("\"((p|P)assword|privatekey|accesskey|secretkey)\":\\s?\".*?\",?");
 
     private static final Pattern REGEX_PASSWORD_DETAILS = Pattern.compile("(&|%26)?details(\\[|%5B)\\d*(\\]|%5D)\\.key(=|%3D)((p|P)assword|accesskey|secretkey)(?=(%26|[&'\"]))");