natural commented on a change in pull request #3457: NIFI-4247 Support ranges
in `tls-toolkit` SAN cli option.
URL: https://github.com/apache/nifi/pull/3457#discussion_r281272066
##########
File path:
nifi-toolkit/nifi-toolkit-tls/src/main/java/org/apache/nifi/toolkit/tls/standalone/TlsToolkitStandalone.java
##########
@@ -177,6 +184,16 @@ public void
createNifiKeystoresAndTrustStores(StandaloneConfig standaloneConfig)
File keystore = new File(hostDir, "keystore." +
tlsClientConfig.getKeyStoreType().toLowerCase());
File truststore = new File(hostDir, "truststore." +
tlsClientConfig.getTrustStoreType().toLowerCase());
+ // Adjust the SANs when ranges match.
+ if (domainAlternativeNames.size() == 1) {
+
tlsClientConfig.setDomainAlternativeNames(Collections.singletonList(domainAlternativeNames.get(0)));
+ } else if (domainAlternativeNames.size() ==
instanceDefinitions.size()) {
+
tlsClientConfig.setDomainAlternativeNames(Collections.singletonList(domainAlternativeNames.get(instanceIndex)));
+ logger.info("Using alternate name " +
domainAlternativeNames.get(instanceIndex) + " with hostname " + hostname + ".");
+ } else {
+ logger.info("Hostname count does not match given alternate
name count. Verify names in resulting certificate.");
Review comment:
Will update to `logger.warn`
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
