[
https://issues.apache.org/jira/browse/NIFI-6563?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann resolved NIFI-6563.
------------------------------------
Fix Version/s: 1.14.0
Resolution: Implemented
NIFI-7804 introduced TlsConfiguration helper methods to return a TLS protocol
version based on the parsed Java version being 8 or 11. NIFI-8037 updated SSL
Context Service implementations using TlsPlatform to get supported TLS versions
based on the runtime configuration. NIFI-7468 updated the SSLSocketChannel
class, used in a handful of components, to work correctly with TLS 1.3
Post-Handshake Messages.
With these updates released in version 1.14.0, there do not appear to any
fundamental issues with TLS 1.3 support in Java 11. Particular components may
still require changes, but those issues can be addressed separately.
> Add support for TLSv1.3 when running on Java 11
> -----------------------------------------------
>
> Key: NIFI-6563
> URL: https://issues.apache.org/jira/browse/NIFI-6563
> Project: Apache NiFi
> Issue Type: Sub-task
> Components: Core Framework, Tools and Build
> Affects Versions: 1.9.2
> Reporter: Jeff Storck
> Assignee: David Handermann
> Priority: Major
> Fix For: 1.14.0
>
>
> Add full support for TLSv1.3 running on Java 11.
> Some components currently work (S2S over HTTP, for example) with TLSv1.3.
> One issue related to specifying "TLS" for the protocol in an SSLContext is
> different (implied) behavior between running on Java 8 and 11, since the
> "newest" version of the TLS protocol available on the JVM will be used.
> More details will be added upon further analysis.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
