[ https://issues.apache.org/jira/browse/NIFI-8094?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann updated NIFI-8094: ----------------------------------- Labels: FIPS security (was: security) > Support BCFKS Keystore Type > --------------------------- > > Key: NIFI-8094 > URL: https://issues.apache.org/jira/browse/NIFI-8094 > Project: Apache NiFi > Issue Type: Improvement > Components: Core Framework, Extensions, Security > Affects Versions: 1.12.1 > Reporter: David Handermann > Assignee: David Handermann > Priority: Minor > Labels: FIPS, security > Time Spent: 1h > Remaining Estimate: 0h > > The [Bouncy Castle FIPS Key > Store|https://cryptosense.com/blog/bouncycastle-keystore-security/] (BCFKS) > format supports storage of certificates and private keys using AES-CCM and > PBKDF2 algorithms, providing greater security than the standard JKS and > PKCS12 implementations. Support for BCFKS can be implemented using Bouncy > Castle security provider libraries that are already leveraged throughout the > system. > Initial support should include the ability to specify BCFKS as the key store > and trust store type in standard properties files as well as the ability to > select BCFKS in implementations of the SSLContextService. > Extension components that do not use {{SSLContextService.createSSLContext()}} > may need additional work, which should be addressed in related issues > following this implementation. -- This message was sent by Atlassian Jira (v8.3.4#803005)