You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Aldrin Piri (JIRA)" <ji...@apache.org> on 2017/04/11 12:53:41 UTC

[jira] [Created] (NIFI-3691) Provide utility to verify configured security settings and certificates

Aldrin Piri created NIFI-3691:
---------------------------------

             Summary: Provide utility to verify configured security settings and certificates
                 Key: NIFI-3691
                 URL: https://issues.apache.org/jira/browse/NIFI-3691
             Project: Apache NiFi
          Issue Type: Sub-task
          Components: Configuration
            Reporter: Aldrin Piri


It would be helpful to provide a utility that could analyze keystores/truststores to verify compatibility and expected behavior with configured security settings such as two way SSL (right hostname, alias, etc).  The idea is that as a diagnostic tool, we could provide users with some help to verify and troubleshoot any issues that may exist with certificates outside of more expensive change/restart loops with NiFi.  As a follow-on, it would be helpful to get a listing of key properties about the configured keystore/truststore or files provided.  An extension of this might additionally setup a client/server test with the utility between instances, again, to verify correct operation without doing so in NiFi itself as suggested by the parent ticket.

It would be nice to provide this as part of the NiFi release and accessible via nifi.sh.  By extension, the functionality could also appear in the TLS toolkit.  



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)