Bryan Bende created NIFI-1907:
---------------------------------
Summary: SiteToSiteClient not properly using keystore and
truststore properties
Key: NIFI-1907
URL: https://issues.apache.org/jira/browse/NIFI-1907
Project: Apache NiFi
Issue Type: Bug
Affects Versions: 0.6.1
Reporter: Bryan Bende
Assignee: Bryan Bende
Fix For: 0.7.0
SiteToSiteClient.Builder allows setting an SSLContext or setting all of the
individual SSL properties, it then has a method getSSLContext() which says that
if the sslContext is null return that, otherwise use the properties to create
one:
https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L575
The problem is this getSSLContext() is never called. When the builder's build()
method is called, it passes the builder to StandardSiteToSiteClientConfig and
just assigns all the member variables with direct access:
https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/SiteToSiteClient.java#L722
Later on in SocketClient it will call SiteToSiteClient.getSSLContext():
https://github.com/apache/nifi/blob/e4b7e47836edf47042973e604005058c28eed23b/nifi-commons/nifi-site-to-site-client/src/main/java/org/apache/nifi/remote/client/socket/SocketClient.java#L52
This will still be null here if only the SSL properties were initially
specified on the builder, and therefore won't end up creating an Https
connection and thus failing.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
