You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2023/10/09 21:00:00 UTC
[jira] [Commented] (NIFI-12169) Documentation updates to provide alternatives to usage of TLS Toolkit
[ https://issues.apache.org/jira/browse/NIFI-12169?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17773476#comment-17773476 ]
ASF subversion and git services commented on NIFI-12169:
--------------------------------------------------------
Commit 130c8e9903729687ef028d06b68298225286fba6 in nifi's branch refs/heads/main from Paul Grey
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=130c8e9903 ]
NIFI-12169 - Document alternatives to usage of TLS Toolkit
This closes #7860
Signed-off-by: David Handermann <ex...@apache.org>
> Documentation updates to provide alternatives to usage of TLS Toolkit
> ----------------------------------------------------------------------
>
> Key: NIFI-12169
> URL: https://issues.apache.org/jira/browse/NIFI-12169
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Documentation & Website
> Reporter: Paul Grey
> Assignee: Paul Grey
> Priority: Minor
> Time Spent: 20m
> Remaining Estimate: 0h
>
> mailing list discussion:
> - https://lists.apache.org/thread/vn1nzobtz4fh7fs461sgg8jj9zygrk0f
> Eventual goal is the deprecation of TLS Toolkit [1] for targeted NiFi 2.0 release, in order to address maintenance concerns.
> Generation of equivalent keystores and truststores for single development node is covered by automatic self-signed certificate generation added in NiFi 1.14.0 [2]. Kubernetes cert-manager / organization-specific Certificate Authorities / Let's Encrypt service provide coverage for keystore needs in production deployments.
> For development clusters, OpenSSL and Java Keytool provide another means to generate NiFi-ready keystores to be used for secured communication between cluster nodes. Documentation of needed "openssl/keytool" command sequences should fill needs currently provided by TLS Toolkit.
> Probable scope would include touches of Admin Guide (administration-guide.adoc), Toolkit Guide (toolkit-guide.adoc), and Walkthroughs (walkthroughs.adoc). Follow-on work would target the removal of the current TLS Toolkit.
> [1] https://github.com/apache/nifi/tree/main/nifi-toolkit/nifi-toolkit-tls
> [2] https://issues.apache.org/jira/browse/NIFI-8403
--
This message was sent by Atlassian Jira
(v8.20.10#820010)