[
https://issues.apache.org/jira/browse/NIFI-1355?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
M Tien updated NIFI-1355:
-------------------------
Fix Version/s: (was: 1.14.0)
1.13.0
> Provide dynamic code-generated certificates for HTTP tests to avoid expiry
> --------------------------------------------------------------------------
>
> Key: NIFI-1355
> URL: https://issues.apache.org/jira/browse/NIFI-1355
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Affects Versions: 0.4.0, 0.4.1
> Reporter: Andy LoPresto
> Assignee: M Tien
> Priority: Major
> Labels: certificate, security, test
> Fix For: 1.13.0
>
> Time Spent: 8h
> Remaining Estimate: 0h
>
> As documented, the test certificates/keys used in the TestInvokeHttp and
> TestInvokeHttpSSL tests expired in 2014. With the constant removal of
> non-certificate based cipher suites from client libraries, the lack of valid
> certificates meant that the Jetty server could not offer any compatible
> cipher suites, and the tests failed. I manually generated and loaded new
> certificates but they expire after 1 year. Adding code to dynamically
> generate and load these certificates into the keystore and truststore would
> remove this inconsistent blocker.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
