alopresto commented on a change in pull request #3204: NIFI-1364 - Removed
custom OCSP certificate revocation checking code and replaced with just using
Java native implementation.
URL: https://github.com/apache/nifi/pull/3204#discussion_r304194271
##########
File path:
nifi-commons/nifi-socket-utils/src/main/java/org/apache/nifi/io/socket/SSLContextFactory.java
##########
@@ -49,7 +55,7 @@
private final KeyManager[] keyManagers;
private final TrustManager[] trustManagers;
- public SSLContextFactory(final NiFiProperties properties) throws
NoSuchAlgorithmException, CertificateException, FileNotFoundException,
IOException, KeyStoreException, UnrecoverableKeyException {
+ public SSLContextFactory(final NiFiProperties properties) throws
NoSuchAlgorithmException, CertificateException, FileNotFoundException,
IOException, KeyStoreException, UnrecoverableKeyException,
InvalidAlgorithmParameterException {
Review comment:
Is there an implementation of this constructor / static factory method in
the application which can create an SSLContext that does not require the
application to have HTTPS enabled? For example, an instance of NiFi running in
HTTP mode which needs to use `InvokeHTTP` to communicate with an HTTPS remote
endpoint?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
With regards,
Apache Git Services
