[
https://issues.apache.org/jira/browse/NIFI-8683?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17366808#comment-17366808
]
ASF subversion and git services commented on NIFI-8683:
-------------------------------------------------------
Commit 02b4e33aa6cbcba4e3dea706aa9b20e8b501b06f in nifi's branch
refs/heads/main from Chris Sampson
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=02b4e33 ]
NIFI-8683 support Expression Language for the Truststore/Keystore properties of
SSLContextService
This closes #5147
Signed-off-by: David Handermann <[email protected]>
> SSLContextService should allow Expression Language to be used for TRUSTSTORE
> and KEYSTORE
> -----------------------------------------------------------------------------------------
>
> Key: NIFI-8683
> URL: https://issues.apache.org/jira/browse/NIFI-8683
> Project: Apache NiFi
> Issue Type: Improvement
> Affects Versions: 1.13.2
> Reporter: Chris Sampson
> Assignee: Chris Sampson
> Priority: Minor
> Time Spent: 2h 40m
> Remaining Estimate: 0h
>
> It would be handy (in clustered environments) for the {{SSLContextService}}
> to allow Expression Language to be used for specifying the TRUSTSTORE and
> KEYSTORE properties.
> This would allow users to use an expression like
> {quote}
> "/opt/nifi/nifi-current/conf/certs/${hostname(false)}.jks"
> {quote}
> to reference files that are unique to each host within the cluster (e.g. if
> using TLS protected communications for Site-To-Site Reporting from a
> cluster). Each file would still need to use the same password, but at least
> each host could have its own uniquely named certificate file (instead of
> having to create the same file on each host, which can lead to users
> incorrectly creating wildcard certificates for their clusters, which is
> discouraged).
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
