[jira] [Commented] (NIFI-2943) tls-toolkit pkcs12 truststore 0 entries

Tue, 15 Nov 2016 19:01:41 -0800 

    [ 
https://issues.apache.org/jira/browse/NIFI-2943?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15669193#comment-15669193
 ] 

ASF GitHub Bot commented on NIFI-2943:
--------------------------------------

Github user alopresto commented on the issue:

    https://github.com/apache/nifi/pull/1165
  
    Review on hold for tonight -- logging issues. I will investigate if 
libraries or paths changed in the morning. 
    
    ```
    
hw12203:...assembly/target/nifi-toolkit-1.1.0-SNAPSHOT-bin/nifi-toolkit-1.1.0-SNAPSHOT
 (pr1165) alopresto
    🔓 35s @ 18:59:45 $ ./bin/tls-toolkit.sh standalone -n 'localhost' -T PKCS12 
-P password -S password
    SLF4J: Class path contains multiple SLF4J bindings.
    SLF4J: Found binding in 
[jar:file:/Users/alopresto/Workspace/nifi/nifi-toolkit/nifi-toolkit-assembly/target/nifi-toolkit-1.1.0-SNAPSHOT-bin/nifi-toolkit-1.1.0-SNAPSHOT/lib/logback-classic-1.1.3.jar!/org/slf4j/impl/StaticLoggerBinder.class]
    SLF4J: Found binding in 
[jar:file:/Users/alopresto/Workspace/nifi/nifi-toolkit/nifi-toolkit-assembly/target/nifi-toolkit-1.1.0-SNAPSHOT-bin/nifi-toolkit-1.1.0-SNAPSHOT/lib/slf4j-log4j12-1.7.12.jar!/org/slf4j/impl/StaticLoggerBinder.class]
    SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an 
explanation.
    SLF4J: Actual binding is of type 
[ch.qos.logback.classic.util.ContextSelectorStaticBinder]
    
hw12203:...assembly/target/nifi-toolkit-1.1.0-SNAPSHOT-bin/nifi-toolkit-1.1.0-SNAPSHOT
 (pr1165) alopresto
    🔓 20s @ 19:00:06 $
    ```


> tls-toolkit pkcs12 truststore 0 entries
> ---------------------------------------
>
>                 Key: NIFI-2943
>                 URL: https://issues.apache.org/jira/browse/NIFI-2943
>             Project: Apache NiFi
>          Issue Type: Bug
>            Reporter: Bryan Rosander
>            Assignee: Bryan Rosander
>            Priority: Minor
>
> When pkcs12 is used by the tls-toolkit, the resulting truststore has no 
> entries when inspected by the keytool and the tls-toolkit certificate 
> authority certificate is not trusted by NiFi.
> This seems to be due to the Java pkcs12 provider not supporting certificate 
> entries:
> http://stackoverflow.com/questions/3614239/pkcs12-java-keystore-from-ca-and-user-certificate-in-java#answer-3614405
> The Bouncy Castle provider does seem to support certificates but we may not 
> want to explicitly use that provider from within NiFi.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to