Chris Sampson created NIFI-8683:
-----------------------------------
Summary: SSLContextService should allow Expression Language to be
used for TRUSTSTORE and KEYSTORE
Key: NIFI-8683
URL: https://issues.apache.org/jira/browse/NIFI-8683
Project: Apache NiFi
Issue Type: Improvement
Affects Versions: 1.13.2
Reporter: Chris Sampson
It would be handy (in clustered environments) for the {{SSLContextService}} to
allow Expression Language to be used for specifying the TRUSTSTORE and KEYSTORE
properties.
This would allow users to use an expression like
{quote}
"/opt/nifi/nifi-current/conf/certs/${hostname(false)}.jks"
{quote}
to reference files that are unique to each host within the cluster (e.g. if
using TLS protected communications for Site-To-Site Reporting from a cluster).
Each file would still need to use the same password, but at least each host
could have its own uniquely named certificate file (instead of having to create
the same file on each host, which can lead to users incorrectly creating
wildcard certificates for their clusters, which is discouraged).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
