This repository has been archived by the owner on Jul 21, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 2
Improve SSL Context support in GetPolicies #45
Labels
enhancement
New feature or request
Comments
Those lines came directly from the implementation of InvokeHttp: |
in 1.11.4 it doesnt call setSslSocketFactory at all from setUpClient. thats dead code The code block looks like this for lines 647-666
In 1.12.1, the logic changes again in its lines 761-766
|
Needs reassessed for whether NiFi 1.12.1+ code pattern adequately handles setting a Key Password independently of Keystore Password |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
This same concern may apply to other processors initializing SSL Context in the same way.
There is not adequate support for a Key Password indepdent of the Keystore Password. The NiFi interface allows for specifying both a Keystore Password and a Key Password as shown here
![Screenshot from 2020-12-11 19-39-33](https://user-images.githubusercontent.com/14304023/101947583-9e58c000-3be8-11eb-9c94-98ca11e32b4e.png)
The current implementation in GetPolicies only takes into account the Keystore Password when initializing the key manager
https://github.com/greymatter-io/nifi-sdk/blob/main/gmd-sdk/nifi-data-processors/src/main/scala/com/deciphernow/greymatter/data/nifi/processors/GetPolicies.java#L288-L303
The description for Key Password is as follows:
The password for the key. If this is not specified, but the Keystore Filename, Password, and Type are specified, then the Keystore Password will be assumed to be the same as the Key Password.
The text was updated successfully, but these errors were encountered: