Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-8037

Support TLS 1.3 in SSLContextService on Java 8

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Patch Available
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 1.13.0, 1.12.1
    • Fix Version/s: None
    • Component/s: Security
    • Labels:
      None
    • Environment:
      AdoptOpenJDK 8 Update 275 and Azul Zulu JDK 8 Update 275

      Description

      The following vendors introduced support for TLS 1.3 on Java 8:

      The StandardSSLContextService and StandardRestrictedSSLContextService services do not support selecting TLS 1.3 when running on Java 8 due to TlsConfiguration class methods checking the Java runtime version and return TLSv1.2 for versions older than Java 11.

      Improvements to resolve unit test issues with TLS protocols in NIFI-8019 could be leveraged to support runtime determination of supported TLS protocol versions. This would provide the option to select TLS 1.3 when running on supported versions of Java 8 and remove the need for checking the Java version number.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                exceptionfactory David Handermann
                Reporter:
                exceptionfactory David Handermann
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 0.5h
                  0.5h