[
https://issues.apache.org/jira/browse/NIFI-3331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15866620#comment-15866620
]
ASF GitHub Bot commented on NIFI-3331:
--------------------------------------
Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/1491#discussion_r101137884
--- Diff:
nifi-toolkit/nifi-toolkit-tls/src/main/java/org/apache/nifi/toolkit/tls/service/client/TlsCertificateAuthorityClientCommandLine.java
---
@@ -41,12 +41,14 @@
public class TlsCertificateAuthorityClientCommandLine extends
BaseCertificateAuthorityCommandLine {
public static final String DESCRIPTION = "Generates a private key and
gets it signed by the certificate authority.";
public static final String CERTIFICATE_DIRECTORY =
"certificateDirectory";
+ public static final String SUBJECT_ALTERNATIVE_NAME =
"subjectAlternativeName";
--- End diff --
This should probably be plural.
> TLS Toolkit - add the possibility to define a SAN in issued certificates
> ------------------------------------------------------------------------
>
> Key: NIFI-3331
> URL: https://issues.apache.org/jira/browse/NIFI-3331
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Tools and Build
> Reporter: Pierre Villard
> Assignee: Pierre Villard
> Labels: tls-toolkit
> Fix For: 1.2.0
>
>
> To ease the deployment of a load balancer in front of NiFi, it would be nice
> to allow users to define a SAN in certificates issued by the CA.
> To load balance the access to the UI or even with a ListenHTTP processor,
> both will cause errors with a "Host mismatch" kind of error because of
> different fqdn between nodes certificate and LB certificate. This is also
> discussed here: http://stackoverflow.com/questions/40035356/nifi-load-balancer
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
