[
https://issues.apache.org/jira/browse/NIFI-5737?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16659859#comment-16659859
]
ASF subversion and git services commented on NIFI-5737:
-------------------------------------------------------
Commit 02261311b3b3f765ebb394f8f101b0373a7fb3ab in nifi's branch
refs/heads/master from [~mcgilman]
[ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=0226131 ]
NIFI-5737:
- Removing needClientAuth property since cluster comms now requires two way
ssl. Jetty client auth settings are based on configured features.
- Removing dead code.
- Updating documentation.
- Removing references to needClientAuth property in all test resources.
- Removing overloaded util method with strict parameter.
This closes #3102.
> Client Auth property no longer used
> -----------------------------------
>
> Key: NIFI-5737
> URL: https://issues.apache.org/jira/browse/NIFI-5737
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Core Framework
> Reporter: Matt Gilman
> Assignee: Matt Gilman
> Priority: Minor
> Fix For: 1.8.0
>
>
> With the introduction of connection based load balancing, cluster
> communications can no longer be over 1-way SSL. Currently, the client auth
> property of nifi.properties only applied to these cluster communications. If
> set to false, a cluster will fail with the following exception:
> {code}
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> {code}
> This property is not used currently for site-to-site which requires it to be
> `required` (which is the proposed solution here).
> This property is not used currently for Jetty which will `require` or `want`
> it based on the configured features.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
