[ https://issues.apache.org/jira/browse/NIFI-8096?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann updated NIFI-8096: ----------------------------------- Status: Patch Available (was: In Progress) > Deprecate ClientAuth References in SslContextFactory and SSLContextService > -------------------------------------------------------------------------- > > Key: NIFI-8096 > URL: https://issues.apache.org/jira/browse/NIFI-8096 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework, Extensions, Security > Affects Versions: 1.12.1 > Reporter: David Handermann > Assignee: David Handermann > Priority: Minor > Labels: security > Time Spent: 10m > Remaining Estimate: 0h > > {{SslContextFactory}} in nifi-security-utils and {{SSLContextService}} in > nifi-ssl-context-service-api include methods for creating an {{SSLContext}} > based on a {{ClientAuth}} parameter. The > {{SslContextFactory.initializeSSLContext()}} method calls > {{setNeedClientAuth}} or {{setWantClientAuth}} on the default > {{SSLParameters}} object according to the {{ClientAuth}} value provided. > The default {{SSLParameters}} object returned from > {{SSLContext.getDefaultSSLParameters()}} is a new copy for each invocation, > which means that the value of {{ClientAuth}} passed to {{SslContextFactory}} > does not influence whether client certificates will be required or requested. > For this reason, the methods on {{SslContetFactory}} and > {{SSLContextService}} that accept a ClientAuth parameter should be deprecated > and references to these methods should be refactored. -- This message was sent by Atlassian Jira (v8.3.4#803005)