[
https://issues.apache.org/jira/browse/MINIFICPP-2170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ferenc Gerlits updated MINIFICPP-2170:
--------------------------------------
Summary: Fix system certificate store usage in SSLContextService on Linux
(was: Support the system certificate store in SSLContextService on Linux)
> Fix system certificate store usage in SSLContextService on Linux
> ----------------------------------------------------------------
>
> Key: MINIFICPP-2170
> URL: https://issues.apache.org/jira/browse/MINIFICPP-2170
> Project: Apache NiFi MiNiFi C++
> Issue Type: Improvement
> Reporter: Ferenc Gerlits
> Assignee: Ferenc Gerlits
> Priority: Major
>
> On Linux, we only support the system certificate store locations in
> {{HTTPClient}} if no {{SSLContextService}} is used.
> With the openssl 3.1 upgrade, this got a bit better, because now we can use
> the {{SSL_CERT_DIR}} environment variable to point {{minifi}} to the system
> certificate store.
> The {{SSLContextService}} should support auto-detection of the location of
> the system certificate store as it is done in {{HTTPClient}} now.
> After the change,
> * {{HTTPClient}} without an {{{}SSLContextService{}}}, and
> * setting the {{SSL_CERT_DIR}}
> should continue to work as they do now, as well.
> As part of this change, we should fix the incorrect default value of
> {{InvokeHTTP::DisablePeerVerification}}, as well.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
