[
https://issues.apache.org/jira/browse/NIFI-5485?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Paul Grey resolved NIFI-5485.
-----------------------------
Resolution: Won't Do
In a recent mailing list discussion [1], a consensus discussion was made to
deprecate the module "nifi-toolkit-tls". A set of tickets [2] [3] [4] was
opened and resolved to carry out this work.
In order to complete this effort, any open tickets in the NIFI project relating
to defects, enhancements, etc of "nifi-toolkit-tls" should be marked resolved.
[1] https://lists.apache.org/thread/vn1nzobtz4fh7fs461sgg8jj9zygrk0f
[2] NIFI-12169 - Documentation updates to provide alternatives to usage of TLS
Toolkit
[3] NIFI-12200 - Remove nifi-toolkit-tls module
[4] NIFI-12201 - Deprecation markings for nifi-toolkit-tls module in
support/nifi-1.x
> Enable TLS Toolkit (client/server) to sign certificates with external CA
> certificate
> ------------------------------------------------------------------------------------
>
> Key: NIFI-5485
> URL: https://issues.apache.org/jira/browse/NIFI-5485
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Security, Tools and Build
> Affects Versions: 1.7.1
> Reporter: Andy LoPresto
> Assignee: Andy LoPresto
> Priority: Major
> Labels: certificate, pem, pkcs1, pkcs8, pki, security, tls,
> tls-toolkit
>
> The TLS Toolkit can sign certificates using a public certificate and private
> key generated and signed elsewhere by injecting them into the
> {{nifi-cert.pem}} and {{nifi-key.key}} files as long as they are in the
> proper format and self-signed. The toolkit should be enhanced to handle PKCS
> #8 formatted private keys (in addition to the PKCS #1 formatted keys it
> handles now) and to allow for non self-signed certificates.
> To verify this, use certificates generated by
> [TinyCert|https://tinycert.org].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
