[
https://issues.apache.org/jira/browse/NIFI-6019?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17189344#comment-17189344
]
Joe Witt commented on NIFI-6019:
--------------------------------
I'll link your new JIRA on this issue to this one and comment to your statement
here on that.
> Remove Trusted Hostname property from InvokeHTTP processor
> ----------------------------------------------------------
>
> Key: NIFI-6019
> URL: https://issues.apache.org/jira/browse/NIFI-6019
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Extensions
> Affects Versions: 1.8.0
> Reporter: Andy LoPresto
> Assignee: Troy Melhase
> Priority: Major
> Labels: InvokeHTTP, certificate, hostname, http, security, tls
> Fix For: 1.10.0
>
> Time Spent: 1h 20m
> Remaining Estimate: 0h
>
> The {{Trusted Hostname}} property in the {{InvokeHTTP}} processor is a legacy
> property created for a specific use in constrained environments. It now
> causes more problems than it solves ([mailing list
> questions|https://lists.apache.org/[email protected]:gte=1d:trusted%20hostname])
> and should not be provided as it is a security risk. Removing this property
> and encouraging users to correctly deploy TLS certificates when necessary is
> the correct path forward.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
