You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "David Handermann (Jira)" <ji...@apache.org> on 2021/07/19 19:55:00 UTC
[jira] [Resolved] (NIFI-6563) Add support for TLSv1.3 when running
on Java 11
[ https://issues.apache.org/jira/browse/NIFI-6563?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann resolved NIFI-6563.
------------------------------------
Fix Version/s: 1.14.0
Resolution: Implemented
NIFI-7804 introduced TlsConfiguration helper methods to return a TLS protocol version based on the parsed Java version being 8 or 11. NIFI-8037 updated SSL Context Service implementations using TlsPlatform to get supported TLS versions based on the runtime configuration. NIFI-7468 updated the SSLSocketChannel class, used in a handful of components, to work correctly with TLS 1.3 Post-Handshake Messages.
With these updates released in version 1.14.0, there do not appear to any fundamental issues with TLS 1.3 support in Java 11. Particular components may still require changes, but those issues can be addressed separately.
> Add support for TLSv1.3 when running on Java 11
> -----------------------------------------------
>
> Key: NIFI-6563
> URL: https://issues.apache.org/jira/browse/NIFI-6563
> Project: Apache NiFi
> Issue Type: Sub-task
> Components: Core Framework, Tools and Build
> Affects Versions: 1.9.2
> Reporter: Jeff Storck
> Assignee: David Handermann
> Priority: Major
> Fix For: 1.14.0
>
>
> Add full support for TLSv1.3 running on Java 11.
> Some components currently work (S2S over HTTP, for example) with TLSv1.3.
> One issue related to specifying "TLS" for the protocol in an SSLContext is different (implied) behavior between running on Java 8 and 11, since the "newest" version of the TLS protocol available on the JVM will be used.
> More details will be added upon further analysis.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)