Andy LoPresto created NIFI-1480:
-----------------------------------
Summary: Allow different cipher suites configurable properties for
NiFi UI & integrations
Key: NIFI-1480
URL: https://issues.apache.org/jira/browse/NIFI-1480
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 0.5.0
Reporter: Andy LoPresto
Assignee: Andy LoPresto
Currently NiFi uses the same collection of TLS cipher suites for both its role
as a server and outgoing connections (i.e. {{GetHTTP}} or {{InvokeHTTP}}
processors, etc.). This collection is not customizable or modifiable by end
users.
Extract these values from the application to be configurable, provide sensible
defaults, and decouple the roles so they can be set independently (i.e. more
restrictive and stronger cipher suites for NiFi as a server, but allowing
weaker/fallback cipher suites for external connections to a legacy resource).
[Mozilla TLS Configuration
Tool|https://mozilla.github.io/server-side-tls/ssl-config-generator/]
[Mozilla TLS Configuration
Wiki|https://wiki.mozilla.org/Security/Server_Side_TLS]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
