[
https://issues.apache.org/jira/browse/NIFI-8683?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Chris Sampson updated NIFI-8683:
--------------------------------
Status: Patch Available (was: In Progress)
> SSLContextService should allow Expression Language to be used for TRUSTSTORE
> and KEYSTORE
> -----------------------------------------------------------------------------------------
>
> Key: NIFI-8683
> URL: https://issues.apache.org/jira/browse/NIFI-8683
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.13.2
> Reporter: Chris Sampson
> Assignee: Chris Sampson
> Priority: Minor
> Time Spent: 10m
> Remaining Estimate: 0h
>
> It would be handy (in clustered environments) for the {{SSLContextService}}
> to allow Expression Language to be used for specifying the TRUSTSTORE and
> KEYSTORE properties.
> This would allow users to use an expression like
> {quote}
> "/opt/nifi/nifi-current/conf/certs/${hostname(false)}.jks"
> {quote}
> to reference files that are unique to each host within the cluster (e.g. if
> using TLS protected communications for Site-To-Site Reporting from a
> cluster). Each file would still need to use the same password, but at least
> each host could have its own uniquely named certificate file (instead of
> having to create the same file on each host, which can lead to users
> incorrectly creating wildcard certificates for their clusters, which is
> discouraged).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
