[jira] [Commented] (NIFI-1163) GetHTTP throws an NPE if a context service is used with only a truststore and no keystore

Sat, 14 Nov 2015 15:51:45 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-1163?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15005671#comment-15005671
 ] 

ASF subversion and git services commented on NIFI-1163:
-------------------------------------------------------

Commit 01539ed3230894b062a7c2e42ffd9b50e3d51bf3 in nifi's branch 
refs/heads/master from [~aldrin]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=01539ed ]

NIFI-1163: Providing handling of SSLContext creation in GetHTTP in case of only 
performing a one-way SSL request and accompanying test to verify the 
configuration/usage.

Reviewed by Tony Kurc ([email protected])


> GetHTTP throws an NPE if a context service is used with only a truststore and 
> no keystore 
> ------------------------------------------------------------------------------------------
>
>                 Key: NIFI-1163
>                 URL: https://issues.apache.org/jira/browse/NIFI-1163
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Extensions
>    Affects Versions: 0.3.0
>            Reporter: Aldrin Piri
>            Assignee: Aldrin Piri
>             Fix For: 0.4.0
>
>         Attachments: 
> 0001-NIFI-1163-Providing-handling-of-SSLContext-creation-.patch
>
>
> Consider a one-way SSL connection to an HTTPS endpoint.  We might want to 
> specify a truststore to talk with that endpoint but not a keystore.
> The problem stems from the following method: 
> {code}
>     private SSLContext createSSLContext(final SSLContextService service)
>             throws KeyStoreException, IOException, NoSuchAlgorithmException, 
> CertificateException, KeyManagementException, UnrecoverableKeyException {
>         final KeyStore truststore = 
> KeyStore.getInstance(service.getTrustStoreType());
>         try (final InputStream in = new FileInputStream(new 
> File(service.getTrustStoreFile()))) {
>             truststore.load(in, 
> service.getTrustStorePassword().toCharArray());
>         }
>         final KeyStore keystore = 
> KeyStore.getInstance(service.getKeyStoreType());
>         try (final InputStream in = new FileInputStream(new 
> File(service.getKeyStoreFile()))) {
>             keystore.load(in, service.getKeyStorePassword().toCharArray());
>         }
>         final SSLContext sslContext = 
> SSLContexts.custom().loadTrustMaterial(truststore, new 
> TrustSelfSignedStrategy()).loadKeyMaterial(keystore, 
> service.getKeyStorePassword().toCharArray()).build();
>         return sslContext;
>     }
> {code}
> In this case there are no keystore properties causing this process to fail.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to