You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "ASF subversion and git services (Jira)" <ji...@apache.org> on 2022/03/21 15:53:00 UTC
[jira] [Commented] (NIFI-9786) KeyStoreUtils.isStoreValid() suppresses exceptions without logging when trying to open a keystore
[ https://issues.apache.org/jira/browse/NIFI-9786?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17509963#comment-17509963 ]
ASF subversion and git services commented on NIFI-9786:
-------------------------------------------------------
Commit a8cd7e5200332b38006a99a55e600de3650377a1 in nifi's branch refs/heads/main from Tamas Horvath
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=a8cd7e5 ]
NIFI-9786 Added debug to KeyStoreUtils.isStoreValid
This closes #5884
Signed-off-by: David Handermann <ex...@apache.org>
> KeyStoreUtils.isStoreValid() suppresses exceptions without logging when trying to open a keystore
> -------------------------------------------------------------------------------------------------
>
> Key: NIFI-9786
> URL: https://issues.apache.org/jira/browse/NIFI-9786
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Peter Gyori
> Assignee: Tamas Horvath
> Priority: Minor
> Time Spent: 40m
> Remaining Estimate: 0h
>
> KeyStoreUtils.isStoreValid() simply returns false if the keystore cannot be opened e.g. because the password is wrong. There is no log entry about why the keystore is not valid.
> As a result when SslContextFactory.getTrustManagers() method attempts to read a trust store file using the configured properties, if the password is wrong, the method is not informed why, and only throws a TlsException stating "The truststore properties are not valid".
> It would be useful to add debug-level logging to KeyStoreUtils.isStoreValid() to log the reason for the keystore being invalid.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)