You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@nifi.apache.org by "Peter Turcsanyi (Jira)" <ji...@apache.org> on 2020/12/04 20:38:00 UTC

[jira] [Resolved] (NIFI-8057) Remove truststore check from SslContextFactory.createSslContext()

     [ https://issues.apache.org/jira/browse/NIFI-8057?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Peter Turcsanyi resolved NIFI-8057.
-----------------------------------
    Resolution: Won't Do

> Remove truststore check from SslContextFactory.createSslContext()
> -----------------------------------------------------------------
>
>                 Key: NIFI-8057
>                 URL: https://issues.apache.org/jira/browse/NIFI-8057
>             Project: Apache NiFi
>          Issue Type: Bug
>    Affects Versions: 1.12.0, 1.12.1
>            Reporter: Peter Turcsanyi
>            Priority: Major
>
> NIFI-7407 introduced a check in {{SslContextFactory.createSslContext()}}: if KS is configured, then TS must be configured too ([https://github.com/apache/nifi/blob/857eeca3c7d4b275fd698430594e7fae4864feff/nifi-commons/nifi-security-utils/src/main/java/org/apache/nifi/security/util/SslContextFactory.java#L79])
> This constraint is too strict for server-style processors (like ListenGRPC) where only a KS is needed for 1-way SSL (and the presence of TS turns on 2-way SSL).
> The check should be removed/relieved.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)