[NIFI-11133] TLS Toolkit Standalone Mode Sets Null Password for Client Keys - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.20.0
Component/s: None
Labels:
None

Description

The TLS Toolkit in Standalone Mode supports the option to generate one or more Client Key Stores. The Standalone Mode generates a Key Pair with a signed Certificate for each client requested and uses a null when adding the Private Key Entry to the Key Store. This approach causes an UnrecoverableKeyException when attempting to read the generated PKCS12 Key Store. The implementation should be corrected to set a Key Password using the value provided for the Key Store Password, which is the standard approach for PKCS12.

Attachments

Issue Links

is related to

NIFI-10929 NiFi generated certificates (e.g. Single User, or nifi-toolkit) are not compatible with OpenSSL 3.x+

Resolved

NIFI-10932 NiFi Toolkit CLI cannot connect to NiFi - trustAnchors parameter must be non-empty

Resolved

links to

GitHub Pull Request #6920

Activity

People

Assignee:: David Handermann

Reporter:: David Handermann

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Feb/23 19:03

Updated:: 03/Feb/23 16:49

Resolved:: 03/Feb/23 16:49

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

20m