[
https://issues.apache.org/jira/browse/NIFI-3331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15867480#comment-15867480
]
ASF GitHub Bot commented on NIFI-3331:
--------------------------------------
Github user pvillard31 commented on the issue:
https://github.com/apache/nifi/pull/1491
Hey @alopresto, no worries. Thanks a lot for the review and the unit tests
(I was not sure how to tackle it in Groovy but looking at your code is
instructive!). Out of curiosity, do you think that the feature should be added
in standalone mode? When coding this PR, I felt that a user would not really
need this feature without the use of a CA, but I may be missing a use case
here, and this could be addressed in another JIRA.
> TLS Toolkit - add the possibility to define a SAN in issued certificates
> ------------------------------------------------------------------------
>
> Key: NIFI-3331
> URL: https://issues.apache.org/jira/browse/NIFI-3331
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Tools and Build
> Affects Versions: 1.1.1
> Reporter: Pierre Villard
> Assignee: Pierre Villard
> Labels: tls-toolkit
> Fix For: 1.2.0
>
>
> To ease the deployment of a load balancer in front of NiFi, it would be nice
> to allow users to define a SAN in certificates issued by the CA.
> To load balance the access to the UI or even with a ListenHTTP processor,
> both will cause errors with a "Host mismatch" kind of error because of
> different fqdn between nodes certificate and LB certificate. This is also
> discussed here: http://stackoverflow.com/questions/40035356/nifi-load-balancer
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
