You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by GitBox <gi...@apache.org> on 2020/09/18 18:00:46 UTC

[GitHub] [nifi] thenatog commented on a change in pull request #4250: NIFI-7401 Add ZooKeeper client TLS to CuratorLeaderElectionManager

thenatog commented on a change in pull request #4250:
URL: https://github.com/apache/nifi/pull/4250#discussion_r490622374



##########
File path: nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-resources/src/main/resources/conf/nifi.properties
##########
@@ -236,6 +236,11 @@ nifi.zookeeper.connect.string=${nifi.zookeeper.connect.string}
 nifi.zookeeper.connect.timeout=${nifi.zookeeper.connect.timeout}
 nifi.zookeeper.session.timeout=${nifi.zookeeper.session.timeout}
 nifi.zookeeper.root.node=${nifi.zookeeper.root.node}
+nifi.zookeeper.client.secure=${nifi.zookeeper.client.secure}

Review comment:
       We might like to change these property names to align with the other nifi security fields:
   - nifi.zookeeper.ssl.keyStore.location -> nifi.zookeeper.security.keystore
   - nifi.zookeeper.ssl.keyStore.password -> nifi.zookeeper.security.keystorePasswd
   - nifi.zookeeper.ssl.trustStore.location -> nifi.zookeeper.security.truststore
   - nifi.zookeeper.ssl.trustStore.password -> nifi.zookeeper.security.truststorePasswd
   
   Also, is there any need to specify the keystore/truststore type as with the other nifi security properties? We currently support P12, JKS, and maybe JKCS




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org