[jira] [Commented] (NIFI-13874) Refactor KeyStore and SSLContext Creation for Tests

Wed, 16 Oct 2024 09:20:46 -0700 


    [ 
https://issues.apache.org/jira/browse/NIFI-13874?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17890167#comment-17890167
 ] 

ASF subversion and git services commented on NIFI-13874:
--------------------------------------------------------

Commit 1b37d78403841353f0b93fde5dc0f69e5f1cd046 in nifi's branch 
refs/heads/main from David Handermann
[ https://gitbox.apache.org/repos/asf?p=nifi.git;h=1b37d78403 ]

NIFI-13874 Refactored KeyStore and SSLContext Creation for Tests
This closes #9392

- Added EphemeralKeyStoreBuilder to nifi-security-ssl
- Removed nifi-security-utils
- Moved StandardTlsConfiguration to nifi-ssl-context-service
- Refactored tests to use EphemeralKeyStoreBuilder and 
nifi-security-cert-builder for TLS

Signed-off-by: Joseph Witt <[email protected]>


> Refactor KeyStore and SSLContext Creation for Tests
> ---------------------------------------------------
>
>                 Key: NIFI-13874
>                 URL: https://issues.apache.org/jira/browse/NIFI-13874
>             Project: Apache NiFi
>          Issue Type: Improvement
>            Reporter: David Handermann
>            Assignee: David Handermann
>            Priority: Major
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> A number of unit and integration tests create temporary Key Store and Trust 
> Store files to evaluate the behavior of components with TLS enabled. The 
> {{TemporaryKeyStoreBuilder}} class provides this capability for various 
> tests, which depends on certificate building from 
> {{nifi-security-cert-builder}}. The {{TemporaryKeyStoreBuilder}} persists 
> generated Key Store and Trust Store files to disk, which is not always 
> necessary. The {{nifi-security-utils}} module also has the 
> {{SslContextFactory}} class for abstraction creation of {{SSLContext}} and 
> related Manager objects.
> With iterative refactoring of features like certificate generation and 
> SSLContext loading to separate modules, the {{nifi-security-utils}} module 
> should be removed, and necessary functionality should be refactored. For 
> tests that do not need to read from files, a memory-backed Key Store is 
> sufficient, and avoids unnecessary temporary files. The loading SSLContext 
> and Manager objects, the {{nifi-security-ssl}} module provides a variety of 
> Builder classes, without unnecessary dependencies.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to