Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-1355

Provide dynamic code-generated certificates for HTTP tests to avoid expiry

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: In Progress
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 0.4.0, 0.4.1
    • Fix Version/s: None
    • Component/s: Core Framework

      Description

      As documented, the test certificates/keys used in the TestInvokeHttp and TestInvokeHttpSSL tests expired in 2014. With the constant removal of non-certificate based cipher suites from client libraries, the lack of valid certificates meant that the Jetty server could not offer any compatible cipher suites, and the tests failed. I manually generated and loaded new certificates but they expire after 1 year. Adding code to dynamically generate and load these certificates into the keystore and truststore would remove this inconsistent blocker.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                alopresto Andy LoPresto
                Reporter:
                alopresto Andy LoPresto
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: