alopresto commented on issue #4207: NIFI-7203 Add ZooKeeper client and server TLS URL: https://github.com/apache/nifi/pull/4207#issuecomment-613641562 @jfrazee as I mentioned on NIFI-7203, during an offline discussion some of us were discussing the approach to a configuration for an embedded ZK instance in NiFi which defines both an HTTP and HTTPS connection. Our position is that unlike an external ZK cluster which may have many different clients, the embedded ZK instance should only listen on the HTTPS port if the admin configures that, as NiFi will only attempt to connect on that port, and listening on HTTP has the potential to expose sensitive information. However, this is different from normal ZK behavior and therefore we listed some potential approaches to reduce confusion. More details are available in [this comment](https://issues.apache.org/jira/browse/NIFI-7203?focusedCommentId=17083557&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-17083557), but I would like to hear your perspective on this. Have you encountered any scenarios where an admin intentionally meant for the embedded ZK to listen on both ports?
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
