You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2023/10/09 21:00:00 UTC

[jira] [Commented] (NIFI-12169) Documentation updates to provide alternatives to usage of TLS Toolkit

    [ https://issues.apache.org/jira/browse/NIFI-12169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773476#comment-17773476 ] 

ASF subversion and git services commented on NIFI-12169:
--------------------------------------------------------

Commit 130c8e9903729687ef028d06b68298225286fba6 in nifi's branch refs/heads/main from Paul Grey
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=130c8e9903 ]

NIFI-12169 - Document alternatives to usage of TLS Toolkit

This closes #7860

Signed-off-by: David Handermann <ex...@apache.org>


> Documentation updates to provide alternatives to usage of TLS Toolkit 
> ----------------------------------------------------------------------
>
>                 Key: NIFI-12169
>                 URL: https://issues.apache.org/jira/browse/NIFI-12169
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Documentation &amp; Website
>            Reporter: Paul Grey
>            Assignee: Paul Grey
>            Priority: Minor
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> mailing list discussion:
> - https://lists.apache.org/thread/vn1nzobtz4fh7fs461sgg8jj9zygrk0f
> Eventual goal is the deprecation of TLS Toolkit [1] for targeted NiFi 2.0 release, in order to address maintenance concerns.  
> Generation of equivalent keystores and truststores for single development node is covered by automatic self-signed certificate generation added in NiFi 1.14.0 [2].  Kubernetes cert-manager / organization-specific Certificate Authorities / Let's Encrypt service provide coverage for keystore needs in production deployments.
> For development clusters, OpenSSL and Java Keytool provide another means to generate NiFi-ready keystores to be used for secured communication between cluster nodes.  Documentation of needed "openssl/keytool" command sequences should fill needs currently provided by TLS Toolkit.
> Probable scope would include touches of Admin Guide (administration-guide.adoc), Toolkit Guide (toolkit-guide.adoc), and Walkthroughs (walkthroughs.adoc).  Follow-on work would target the removal of the current TLS Toolkit.
> [1] https://github.com/apache/nifi/tree/main/nifi-toolkit/nifi-toolkit-tls
> [2] https://issues.apache.org/jira/browse/NIFI-8403



--
This message was sent by Atlassian Jira
(v8.20.10#820010)