You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Andy LoPresto (Jira)" <ji...@apache.org> on 2020/02/20 00:22:00 UTC

[jira] [Commented] (NIFI-1478) Audit SSLContextFactory and SSLSocketFactory usage throughout application

    [ https://issues.apache.org/jira/browse/NIFI-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17040531#comment-17040531 ] 

Andy LoPresto commented on NIFI-1478:
-------------------------------------

Did some work on this as a follow on to NIFI-6927 PR 4047 (PR 4057). 

> Audit SSLContextFactory and SSLSocketFactory usage throughout application
> -------------------------------------------------------------------------
>
>                 Key: NIFI-1478
>                 URL: https://issues.apache.org/jira/browse/NIFI-1478
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Core Framework
>    Affects Versions: 0.5.0
>            Reporter: Andy LoPresto
>            Assignee: Andy LoPresto
>            Priority: Critical
>              Labels: certificate, security, tls
>   Original Estimate: 336h
>  Remaining Estimate: 336h
>
> The internal use of {{SSLSocketFactory}} and {{SSLContextFactory}} is inconsistent, as the application has grown around the concept of secure communications. NiFi can act as both a server and as a client for communications, and the default configuration should make it easy for new users to quickly secure the application for incoming and outgoing connections. 
> In addition, {{SSLSocketFactory}} has some inconsistencies and idiosyncrasies which may confuse users [1]. 
> [1] http://stackoverflow.com/a/23365536/70465



--
This message was sent by Atlassian Jira
(v8.3.4#803005)