[
https://issues.apache.org/jira/browse/RANGER-2636?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16968538#comment-16968538
]
Bryan Bende commented on RANGER-2636:
-------------------------------------
Review Board is created - [https://reviews.apache.org/r/71733]
Good points, I did consider those two things, but I think both are ok. This
will be a new option for new installs, and default is false which is consistent
with existing behavior.
> Allow NiFi Client to use default SSLContext
> -------------------------------------------
>
> Key: RANGER-2636
> URL: https://issues.apache.org/jira/browse/RANGER-2636
> Project: Ranger
> Issue Type: Improvement
> Components: plugins
> Affects Versions: 2.0.0
> Reporter: Bryan Bende
> Assignee: Bryan Bende
> Priority: Major
> Fix For: 2.1.0
>
> Attachments:
> 0001-RANGER-2636-Modifying-NiFi-and-NiFi-Registry-service.patch
>
>
> Currently when defining a new NiFi service, if the url is https, then the
> user is required to supply the configuration for the keystore/truststore to
> use for creating an SSLContext to talk back to NiFi.
> In cases where the ranger's truststore already trusts the certificates used
> by NiFi, there should be a way to just use ranger's SSLContext and not have
> to provide any information.
> This is similar to the solution for RANGER-2567 for communicating with an SSL
> enabled Solr.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
