[NIFI-5461] TLS Toolkit should populate generated client certificate DN into authorizers.xml if requested - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 1.7.1
Fix Version/s: None
Component/s: Configuration, Security, Tools and Build
Labels:
- authentication
- authorization
- certificate
- client
- pki
- security
- tls
- tls-toolkit

Epic Link:
NiFi security configuration requires substantial knowledge and effort to deploy

Description

When initially configuring the authorizers.xml, it can be difficult because the Initial Admin Identity must be exactly the same as the Distinguished Name (DN) from the generated client certificate. Spaces in the DN can make this especially hard. The TLS Toolkit should have a command-line option which instructs it to generate an authorizers.xml with the client DN populated as the IAI in every necessary location.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Andy LoPresto

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 25/Jul/18 22:57

Updated:: 25/Jul/18 22:57