Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-1480

Allow different cipher suites configurable properties for NiFi UI & integrations

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    Description

      Currently NiFi uses the same collection of TLS cipher suites for both its role as a server and outgoing connections (i.e. GetHTTP or InvokeHTTP processors, etc.). This collection is not customizable or modifiable by end users.

      Extract these values from the application to be configurable, provide sensible defaults, and decouple the roles so they can be set independently (i.e. more restrictive and stronger cipher suites for NiFi as a server, but allowing weaker/fallback cipher suites for external connections to a legacy resource).

      Mozilla TLS Configuration Tool
      Mozilla TLS Configuration Wiki

      Attachments

        Issue Links

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            alopresto Andy LoPresto
            alopresto Andy LoPresto

            Dates

              Created:
              Updated:

              Slack

                Issue deployment