[jira] [Assigned] (NIFI-12229) Edits to Registry-Client in NiFi require NiFi service restart to take affect.

[Simon Bence (Jira)]

     [ 
https://issues.apache.org/jira/browse/NIFI-12229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Simon Bence reassigned NIFI-12229:
----------------------------------

    Assignee: Simon Bence

> Edits to Registry-Client in NiFi require NiFi service restart to take affect.
> -----------------------------------------------------------------------------
>
>                 Key: NIFI-12229
>                 URL: https://issues.apache.org/jira/browse/NIFI-12229
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework
>    Affects Versions: 1.23.1
>            Reporter: Matthew Clarke
>            Assignee: Simon Bence
>            Priority: Major
>
> Within NiFi --> global menu --> Controller Settings --> Registry Clients 
> there is no option to "disable" and "enable" the added registry clients.  The 
> ability to edit a Registry Client is allowed and there is even a button 
> "Update" a user can click on after making edits.  However, clicking "update" 
> does not apply the changes.  A restart of the NiFi service is required for 
> updates to take affect.
> How to reproduce
> - Create a StandardRestrictedSSLContextService configured with only a 
> truststore
> - Create a second StandardRestrictedSSLContextService configured with both 
> keystore and truststore.
> - Create a Registry Client (NiFiRegistryFlowRegistryClient) and configure 
> https:/<nifi-registry hostname>:<nifi-registry port> and configure to use SSL 
> Context service created with both keystore and truststore
> - From canvas start version control on a process group.
> - Now edit the registry client so that it uses SSL context service with only 
> truststore and click "Update".
> - Return to canvas and edit version controlled PG and commit new version.  
> You'll notice this is still possible because registry client continues to use 
> the SSL Context service that has both keystore and truststore.
> - If you then restart the NiFi service, you'll notice the version controlled 
> PG now exhibit a "?" because it is unable to retrieve version flow 
> information from Registry because it is now loaded with different ssl context 
> service.  NiFi-Registry logs will show "anonymous" access attempts as 
> expected.
> While above allows for easy method to reproduce issue.  The more likely issue 
> will occur when a user obtains new certificates and tries to update an 
> existing SSL Context service or create a new and then tries to use it in the 
> Registry Client.  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)