[ https://issues.apache.org/jira/browse/NIFI-1995?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy LoPresto updated NIFI-1995: -------------------------------- Fix Version/s: (was: 1.0.0) > Support keystores with multiple certificates by exposing alias selection in > configuration > ----------------------------------------------------------------------------------------- > > Key: NIFI-1995 > URL: https://issues.apache.org/jira/browse/NIFI-1995 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework > Affects Versions: 0.6.1 > Reporter: Andy LoPresto > Assignee: Andy LoPresto > Labels: certificate, keystore, security > > Some users and organizations would like to provide different certificates for > identification of the same NiFi instance when acting in different roles (for > example, one certificate to identify the server for the API / UI interaction, > and another to identify the server in cluster communications and/or > site-to-site communications). A preliminary list of roles is: > * API / UI host > * remote authorization / authentication repositories (communicating with > Ranger, LDAP, KDC, etc.) > * cluster (node/NCM/Zookeeper) > * site-to-site > * client when connecting to remote services during data flow ({{InvokeHTTP}}, > {{PutSQL}}, etc.) > This should be implemented in a manner that does not break the default > operation (i.e. a keystore with a single certificate value) but allows easy > overriding for one or more of the roles listed above. -- This message was sent by Atlassian JIRA (v6.3.4#6332)