[jira] [Updated] (NIFI-7356) Enable TLS for embedded Zookeeper when NiFi has TLS enabled

Tue, 14 Apr 2020 11:56:12 -0700 


     [ 
https://issues.apache.org/jira/browse/NIFI-7356?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Andy LoPresto updated NIFI-7356:
--------------------------------
    Description: 
If embedded ZK has TLS properties in the {{zookeeper.properties}} file, these 
will be used. If however, this file does not populate those properties, and 
NiFi does have TLS properties configured ({{nifi.security.keyStore}}, etc.), 
these values will be used to override the ZK plaintext connection listener to 
create a TLS connection listener. 

If the {{zookeeper.properties}} file has an incomplete configuration (i.e. 
keystore password set but no keystore path), startup should fail with a clear 
error message indicating the missing properties and how to resolve. 

  was:If embedded ZK has TLS properties in the {{zookeeper.properties}} file, 
these will be used. If however, this file does not populate those properties, 
and NiFi does have TLS properties configured ({{nifi.security.keyStore}}, 
etc.), these values will be used to override the ZK plaintext connection 
listener to create a TLS connection listener. 


> Enable TLS for embedded Zookeeper when NiFi has TLS enabled
> -----------------------------------------------------------
>
>                 Key: NIFI-7356
>                 URL: https://issues.apache.org/jira/browse/NIFI-7356
>             Project: Apache NiFi
>          Issue Type: Sub-task
>          Components: Configuration, Configuration Management, Security
>            Reporter: Troy Melhase
>            Assignee: Troy Melhase
>            Priority: Major
>
> If embedded ZK has TLS properties in the {{zookeeper.properties}} file, these 
> will be used. If however, this file does not populate those properties, and 
> NiFi does have TLS properties configured ({{nifi.security.keyStore}}, etc.), 
> these values will be used to override the ZK plaintext connection listener to 
> create a TLS connection listener. 
> If the {{zookeeper.properties}} file has an incomplete configuration (i.e. 
> keystore password set but no keystore path), startup should fail with a clear 
> error message indicating the missing properties and how to resolve. 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Reply via email to