David Handermann created NIFI-14049:
---------------------------------------
Summary: Add PEM Encoded SSLContext Provider
Key: NIFI-14049
URL: https://issues.apache.org/jira/browse/NIFI-14049
Project: Apache NiFi
Issue Type: New Feature
Components: Extensions
Reporter: David Handermann
Assignee: David Handermann
With the addition of framework support for PEM Private Keys and Certificates,
and the refactoring of the SSLContextService interface to introduce the
SSLContextProvider interface, a new PEM-Encoded SSLContext Provider
implementation should be added.
Building on the capabilities introduced for framework support, the PEM-Encoded
Provider implementation should support Private Keys encoded in either PKCS1 or
PKCS8.
The Provider should include a TLS Protocol property to configure the version
supported for encrypted communication.
The Provider should support configuring a Private Key and Certificate Chain
through separate properties, aligning with the framework property approach.
Separate properties should also support configuring PEM-encoded content as the
property value or referencing a file location.
The Provider should include a property for the Private Key Source with an
option that supports avoiding the configuration of Private Key and Certificate
Chain properties. This option supports configuring custom certificate
authorities without providing client or server identity information.
In addition to the Private Key and Certificate Chain properties, the Provider
should include a Certificate Authorities property that supports configuring one
or more trusted certificates.
A Certificate Authorities Source property should support an explicit System
value indicating that the default Java system certificate authorities should be
used.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
