[ https://issues.apache.org/jira/browse/NIFI-7819?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17229542#comment-17229542 ]
ASF subversion and git services commented on NIFI-7819: ------------------------------------------------------- Commit 479ee6e3db58ee22dc1c7f4510eed5767c4458a0 in nifi's branch refs/heads/main from Nathan Gough [ https://gitbox.apache.org/repos/asf?p=nifi.git;h=479ee6e ] NIFI-7819 - Added ZooKeeperStateProvider TLS properties. - Added tests for TLS with ZooKeeperStateProvider. - Added docs to administration guide. - Small fixes for PR comments. - Changed the ZooKeeperStateProvider to receive configuration from the nifi.properties file. Uses the Zookeeper TLS properties or if they are not declared, uses the standard NiFi TLS properties. - Updated administration-guide. - Fixed some boolean literalsl. Set the ZooKeeper watcher to null. Removed stacktrace prints to standard out. Added getPreferredProperty for key/truststore types. - Removing some unused code. Fixing up NiFi properties methods. Removed whitespace. - Added some tests for getPreferredProperty(). - Checkstyle fixes. - Passing through nifi properties to the state provider using an annotation to avoid ZooKeeper references in the StateManagerProvider. - Fixed comment. - Added CLIENT_SECURE property to isZooKeeperTlsConfigurationPresent() check. - Small change to getPreferredProperty, added more tests. - Added checkstyle fix. - Moved StateProviderContext to nifi-framework-api. - Changed combine properties to handle null NiFiProperties. Inject NiFiProperties object for tests. - Checkstyle fix. - Changed the connect string in state-management.xml to be required. Rearranged order of property validation to validate before initialization. - Rearranged the way ZooKeeperClientConfig is initialized and added a non blank validator to connect string. - Minor change to ZooKeeperClientConfig member variable set and get. This closes #4613. Signed-off-by: Bryan Bende <bbe...@apache.org> > Add Zookeeper client TLS (external zookeeper) for cluster state management > -------------------------------------------------------------------------- > > Key: NIFI-7819 > URL: https://issues.apache.org/jira/browse/NIFI-7819 > Project: Apache NiFi > Issue Type: Sub-task > Affects Versions: 1.12.0 > Reporter: Nathan Gough > Assignee: Nathan Gough > Priority: Major > Labels: security, tls, zookeeper > > When NiFi is configured to use an external Zookeeper, configuration on the > NiFi side should allow cluster state management to use TLS. If configured > with TLS, it should not allow any connections/communication to operate > unsecured (an all or nothing approach). > This ticket, in combination with NIFI-7115, should allow NiFi to completely > use an external Zookeeper securely. -- This message was sent by Atlassian Jira (v8.3.4#803005)