[
https://issues.apache.org/jira/browse/NIFI-9254?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17423411#comment-17423411
]
ASF subversion and git services commented on NIFI-9254:
-------------------------------------------------------
Commit a94b47ecf8d97778c7375e34d07964a6ab326cc5 in nifi's branch
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=a94b47e ]
NIFI-9254 Updated default Stateless Sensitive Property configuration
- Set NIFI_PBKDF2_AES_GCM_256 as property encryption method
- Replaced static default sensitive properties key with random UUID
- Added unit test for PropertiesFileEngineConfigurationParser
- Added random encryption key generation method
- Changed Stateless to use PropertyEncryptionMethod enum
Signed-off-by: Joe Gresock <[email protected]>
This closes #5424
> Update Default Sensitive Properties Configuration for Stateless
> ---------------------------------------------------------------
>
> Key: NIFI-9254
> URL: https://issues.apache.org/jira/browse/NIFI-9254
> Project: Apache NiFi
> Issue Type: Improvement
> Components: NiFi Stateless
> Reporter: David Handermann
> Assignee: David Handermann
> Priority: Minor
> Labels: security
> Time Spent: 2h 10m
> Remaining Estimate: 0h
>
> Recent improvements to NiFi Component Property Encryption included updating
> the default Sensitive Properties Algorithm and Sensitive Properties Key.
> Improving the default settings for NiFi Stateless would provide better
> security for the initial configuration and reduce reliance on weak key
> derivation functions.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
