1 files changed, 5 insertions, 1 deletions

diff --git a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def
index 8d709cb8ab1..59893753bea 100644
--- a/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def
+++ b/jdisc_http_service/src/main/resources/configdefinitions/jdisc.http.connector.def
@@ -45,8 +45,9 @@ ssl.enabled                         bool     default=false
 
 # The name of the key to the password to the key store if in the secret store, if JKS is used.
 # Must be empty with PEM
-# By default this is also used to look up the password to the trust store. 
+# By default this is also used to look up the password to the trust store.
 ssl.keyDbKey                        string   default=""
+# TODO Rename keyDbKey to keyStorePassword after introducing custom services.xml syntax
 
 # Names of protocols to exclude.
 ssl.excludeProtocol[].name          string
@@ -74,9 +75,12 @@ ssl.trustStoreType                  enum { JKS }  default=JKS
 # JKS only - the path to the truststore.
 ssl.trustStorePath                  string   default=""
 
+# TODO Add separate config for truststore password
+
 # Whether we should use keyDbKey as password to the trust store (true, default),
 # or use no password with the trust store (false)
 ssl.useTrustStorePassword           bool   default=true
+# TODO Fix broken semantics with truststore and keystore password in Vespa 7 / Vespa 8
 
 # The algorithm name used by the KeyManagerFactory.
 ssl.sslKeyManagerFactoryAlgorithm   string   default="SunX509"