You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2022/10/28 13:25:17 UTC

[GitHub] [nifi] exceptionfactory commented on a diff in pull request #6559: NIFI-10675 Correct Neo4J 4.X+ SSL support

exceptionfactory commented on code in PR #6559:
URL: https://github.com/apache/nifi/pull/6559#discussion_r1008058591


##########
nifi-nar-bundles/nifi-graph-bundle/nifi-neo4j-cypher-service/src/main/java/org/apache/nifi/graph/Neo4JCypherClientService.java:
##########
@@ -137,23 +142,13 @@ public class Neo4JCypherClientService extends AbstractControllerService implemen
             .sensitive(false)
             .build();
 
-    public static final PropertyDescriptor ENCRYPTION = new PropertyDescriptor.Builder()
-            .name("neo4j-driver-tls-encryption-enabled")
-            .displayName("Neo4J Driver TLS Encryption")
-            .description("Is the driver using TLS encryption ?")
-            .defaultValue("false")
-            .required(true)
-            .allowableValues("true","false")
-            .addValidator(StandardValidators.BOOLEAN_VALIDATOR)
-            .sensitive(false)
-            .build();
-
-    public static final PropertyDescriptor SSL_CONTEXT_SERVICE = new PropertyDescriptor.Builder()
-            .name("SSL Context Service")
-            .description("The SSL Context Service used to provide client certificate information for TLS/SSL "
-                    + "connections.")
+    public static final PropertyDescriptor SSL_TRUST_STORE_FILE = new PropertyDescriptor.Builder()
+            .name("SSL Trust Chain PEM")
+            .description("Neo4J requires trust chains to be stored in a PEM file. If you want to use a custom trust chain " +
+                    "rather than defaulting to the system trust chain, specify the path to a PEM file with the trust chain.")
             .required(false)
-            .identifiesControllerService(SSLContextService.class)
+            .addValidator(StandardValidators.FILE_EXISTS_VALIDATOR)
+            .expressionLanguageSupported(ExpressionLanguageScope.VARIABLE_REGISTRY)

Review Comment:
   This property could make use of the newer Resource Reference feature, which would identify the trusted certificates to be specified a File path.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@nifi.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org