You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Chris Potter (JIRA)" <ji...@apache.org> on 2019/01/04 21:16:00 UTC
[jira] [Updated] (NIFI-5932) Enable CRL usage in
StandardSSLContextService and/or HandleHttpRequest
[ https://issues.apache.org/jira/browse/NIFI-5932?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Chris Potter updated NIFI-5932:
-------------------------------
Summary: Enable CRL usage in StandardSSLContextService and/or HandleHttpRequest (was: Enable CRL usage in Standard[Restricted]SSLContextService)
> Enable CRL usage in StandardSSLContextService and/or HandleHttpRequest
> ----------------------------------------------------------------------
>
> Key: NIFI-5932
> URL: https://issues.apache.org/jira/browse/NIFI-5932
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Chris Potter
> Priority: Major
>
> Currently the StandardSSLContextService and StandardRestrictedSSLContextService do not have a configuration field to specify a Certificate Revocation List (CRL) to be used by the server to check whether the client's certificate has been revoked.
> I've been getting around this by writing custom modifications of the HandleHttpRequest processor which do include CRL functionality, every time we get a new version of NiFi. It is only a few lines of code that have to be added to enable this, but re-building the NAR every time we upgrade (in order to get the features/bug fixes to the base processor) is a hassle. I think there would be significant value to some NiFi users if this were rolled into the controller services that come with the system.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)