XMLWordPrintableJSON

    Details

      Description

      The CET should encrypt sensitive properties for the NiFi Registry.

      The necessary improvements include:

      • the tool should respect the input filename and not generate a hard-coded nifi.properties file as output; if the input file is nifi-registry.properties and no output filename is provided as an argument, the output file should be nifi-registry.properties as well
      • Keys starting with nifi.registry.* should be detected (currently, the list of sensitive properties is hard-coded, so nifi.registry.security.keystorePasswd doesn't get encrypted, for example)
      • nifi.registry.sensitive.props.additional.keys should be detected
      • nifi.sensitive.props.additional.keys must be manually renamed
      • The encrypted output shows 3 protected when only 2 properties are. This is because nifi.sensitive.props.key was generated but did not persist (because it didn't already exist in nifi-registry.properties)
      • nifi.registry.db.password should be detected

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                alopresto Andy LoPresto
                Reporter:
                alopresto Andy LoPresto
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated: