Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/1986#discussion_r129185483
--- Diff:
nifi-nar-bundles/nifi-standard-bundle/nifi-standard-processors/src/main/java/org/apache/nifi/processors/standard/ListenHTTP.java
---
@@ -227,7 +227,19 @@ private void createHttpServerFromService(final
ProcessContext context) throws Ex
contextFactory.setKeyStoreType(keyStoreType);
}
- if(sslContextService != null) {
+ if (sslContextService != null) {
+ // if the configured protocol isn't supported by Jetty, throw
an exception
+ final String[] excludeProtocols =
contextFactory.getExcludeProtocols();
+ if (excludeProtocols != null) {
+ for (final String protocol : excludeProtocols) {
+ if
(protocol.equals(sslContextService.getSslAlgorithm())) {
+ final IllegalArgumentException e = new
IllegalArgumentException("The configured SSL Protocol '" +
sslContextService.getSslAlgorithm()
+ + "' is not supported by this processor.
Please choose another.");
--- End diff --
It may be helpful here to provide a list of supported protocols (I believe
[`#getSelectedProtocols()`](http://download.eclipse.org/jetty/stable-9/apidocs/org/eclipse/jetty/util/ssl/SslContextFactory.html#getSelectedProtocols--)
will do this; `#getIncludeProtocols()` also exists, but be aware that
*excluded* protocols will always override *included* [see
`SSLContextFactory#selectProtocols()`](https://github.com/eclipse/jetty.project/blob/jetty-9.4.x/jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java#L1186)).
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---
