bbende commented on issue #3126: NIFI-5753 Add SSL support to HortonworksSchemaRegistry service URL: https://github.com/apache/nifi/pull/3126#issuecomment-540731660 Tested this PR and it appears to work with the minor issues mentioned by Mike above. I'm going to add an additional commit with the following two minor changes... 1) Move the use of keyPassword inside of the if block for when a keystore is provided because you can't have a keyPassword unless you also have a keystore, and also make keypassword optional, so it looks like this: ``` if (sslContextService.isKeyStoreConfigured()) { propertiesBuilder.put("keyStorePath", sslContextService.getKeyStoreFile()); propertiesBuilder.put("keyStorePassword", sslContextService.getKeyStorePassword()); propertiesBuilder.put("keyStoreType", sslContextService.getKeyStoreType()); if (sslContextService.getKeyPassword() != null) { propertiesBuilder.put("keyPassword", sslContextService.getKeyPassword()); } } ``` 2. Bump the client version from 0.5.3 to 0.8.0 (latest) Regarding Mike's other comment about customValidate, this is really incorrect behavior of the schema registry client to require a keystore. I don't think NiFi should implement the logic to force users into that since ideally the schema registry client would get updated to make keystore optional. I will report that issue to the schema registry projected.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
