[
https://issues.apache.org/jira/browse/NIFI-12229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Pierre Villard updated NIFI-12229:
----------------------------------
Resolution: Feedback Received
Status: Resolved (was: Patch Available)
Apache NiFi 1.x is no longer maintained and no new release is planned on the
1.x release line. Marking as resolved as part of a cleanup operation. Please
open a new one with an updated description if this is still relevant for NiFi
2.x.
> Edits to Registry-Client in NiFi require NiFi service restart to take affect.
> -----------------------------------------------------------------------------
>
> Key: NIFI-12229
> URL: https://issues.apache.org/jira/browse/NIFI-12229
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework
> Affects Versions: 1.23.1
> Reporter: Matthew Clarke
> Assignee: Simon Bence
> Priority: Major
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Within NiFi --> global menu --> Controller Settings --> Registry Clients
> there is no option to "disable" and "enable" the added registry clients. The
> ability to edit a Registry Client is allowed and there is even a button
> "Update" a user can click on after making edits. However, clicking "update"
> does not apply the changes. A restart of the NiFi service is required for
> updates to take affect.
> How to reproduce
> - Create a StandardRestrictedSSLContextService configured with only a
> truststore
> - Create a second StandardRestrictedSSLContextService configured with both
> keystore and truststore.
> - Create a Registry Client (NiFiRegistryFlowRegistryClient) and configure
> https:/<nifi-registry hostname>:<nifi-registry port> and configure to use SSL
> Context service created with both keystore and truststore
> - From canvas start version control on a process group.
> - Now edit the registry client so that it uses SSL context service with only
> truststore and click "Update".
> - Return to canvas and edit version controlled PG and commit new version.
> You'll notice this is still possible because registry client continues to use
> the SSL Context service that has both keystore and truststore.
> - If you then restart the NiFi service, you'll notice the version controlled
> PG now exhibit a "?" because it is unable to retrieve version flow
> information from Registry because it is now loaded with different ssl context
> service. NiFi-Registry logs will show "anonymous" access attempts as
> expected.
> While above allows for easy method to reproduce issue. The more likely issue
> will occur when a user obtains new certificates and tries to update an
> existing SSL Context service or create a new and then tries to use it in the
> Registry Client.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
