Aldrin Piri created NIFI-3691:
---------------------------------
Summary: Provide utility to verify configured security settings
and certificates
Key: NIFI-3691
URL: https://issues.apache.org/jira/browse/NIFI-3691
Project: Apache NiFi
Issue Type: Sub-task
Components: Configuration
Reporter: Aldrin Piri
It would be helpful to provide a utility that could analyze
keystores/truststores to verify compatibility and expected behavior with
configured security settings such as two way SSL (right hostname, alias, etc).
The idea is that as a diagnostic tool, we could provide users with some help to
verify and troubleshoot any issues that may exist with certificates outside of
more expensive change/restart loops with NiFi. As a follow-on, it would be
helpful to get a listing of key properties about the configured
keystore/truststore or files provided. An extension of this might additionally
setup a client/server test with the utility between instances, again, to verify
correct operation without doing so in NiFi itself as suggested by the parent
ticket.
It would be nice to provide this as part of the NiFi release and accessible via
nifi.sh. By extension, the functionality could also appear in the TLS toolkit.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
