You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2020/12/02 13:14:00 UTC

[jira] [Commented] (NIFI-8059) As a user of the PutEmail processor I would like to be able to sign emails using a certificate

    [ https://issues.apache.org/jira/browse/NIFI-8059?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17242357#comment-17242357 ] 

David Handermann commented on NIFI-8059:
----------------------------------------

This feature would be a useful addition to the email capabilities of NiFi.  Encrypting and signing emails involves a number of configuration options, so it seems that it would be better to implement these capabilities as separate components, as opposed to introducing more complexity into the existing PutEmail Processor.

Although the SSLContextService provides access to the configured key store, it still requires constructing a Java KeyStore object and extracting certificates.  To support greater flexibility, using custom Controller Services to provide access to X.509 certificates and keys would be helpful.

NIFI-7836 and the corresponding [PR|https://github.com/apache/nifi/pull/4557] include Processors and Controller Services to handle CMS encryption, which underlies the S/MIME specification.  Additional Processors would be necessary to support signed emails, but it would be helpful to evaluate those components to see how they might align with the use case described.

> As a user of the PutEmail processor I would like to be able to sign emails using a certificate
> ----------------------------------------------------------------------------------------------
>
>                 Key: NIFI-8059
>                 URL: https://issues.apache.org/jira/browse/NIFI-8059
>             Project: Apache NiFi
>          Issue Type: New Feature
>            Reporter: Cory Wixom
>            Priority: Minor
>              Labels: security
>
> The current PutEmail processor is missing a couple important features to make it usable in certain secure environments. The most important of which is that it doesn't allow you to digitally sign an email with a certificate.
> This ticket is to modify the processor to allow taking an SSLContext and sign the email with the certificate.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)