Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-2186

Cluster communication treats client and server sockets identically for peer certificate DN extraction

Agile BoardAttach filesAttach ScreenshotVotersStop watchingWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

      Description

      The code to extract the peer certificate DN is identical for client and server SSLSocket, which means that servers are subject to the nifi.security.needClientAuth setting being set to true. Server certificates must be present in a secure connection regardless of this setting. This was fixed in 0.x in NIFI-2119 and must be ported to the master branch.

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              alopresto Andy LoPresto
              Reporter:
              alopresto Andy LoPresto

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment