You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Liu Zheng (Jira)" <ji...@apache.org> on 2022/11/02 03:12:00 UTC

[jira] [Commented] (NIFI-7786) Bring back Trusted Hostname property from InvokeHTTP processor

    [ https://issues.apache.org/jira/browse/NIFI-7786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17627440#comment-17627440 ] 

Liu Zheng commented on NIFI-7786:
---------------------------------

To get around hostname is invalid, I had to manually extend a new InvokeHttp from the NAR level.
I definitely know it's an untrusted certificate and doesn't follow subject alternative name matching, but it's just a test of the ip address.
At the same time, the security measures are incredibly strict, especially for the subject alternative name.
I can't rectify the whole system key for one tiny feature. This is not realistic.
I've always felt that security risk is something to consider, but please leave the choice to the user, not the tool itself.

> Bring back Trusted Hostname property from InvokeHTTP processor
> --------------------------------------------------------------
>
>                 Key: NIFI-7786
>                 URL: https://issues.apache.org/jira/browse/NIFI-7786
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.10.0
>            Reporter: Kun Deng
>            Priority: Major
>
> Removing this option is a mistake.  Just google how many people need this option for various reasons. 
> It is an option so that by using it, people are willing to take the risks. 
>  
> Please bring back this option.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)