You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Andy LoPresto (Jira)" <ji...@apache.org> on 2020/02/20 00:22:00 UTC
[jira] [Commented] (NIFI-1478) Audit SSLContextFactory and
SSLSocketFactory usage throughout application
[ https://issues.apache.org/jira/browse/NIFI-1478?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17040531#comment-17040531 ]
Andy LoPresto commented on NIFI-1478:
-------------------------------------
Did some work on this as a follow on to NIFI-6927 PR 4047 (PR 4057).
> Audit SSLContextFactory and SSLSocketFactory usage throughout application
> -------------------------------------------------------------------------
>
> Key: NIFI-1478
> URL: https://issues.apache.org/jira/browse/NIFI-1478
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 0.5.0
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Critical
> Labels: certificate, security, tls
> Original Estimate: 336h
> Remaining Estimate: 336h
>
> The internal use of {{SSLSocketFactory}} and {{SSLContextFactory}} is inconsistent, as the application has grown around the concept of secure communications. NiFi can act as both a server and as a client for communications, and the default configuration should make it easy for new users to quickly secure the application for incoming and outgoing connections.
> In addition, {{SSLSocketFactory}} has some inconsistencies and idiosyncrasies which may confuse users [1].
> [1] http://stackoverflow.com/a/23365536/70465
--
This message was sent by Atlassian Jira
(v8.3.4#803005)