[jira] [Commented] (NIFI-6012) NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of Authoprity
[ https://issues.apache.org/jira/browse/NIFI-6012?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16764649#comment-16764649 ] Andy LoPresto commented on NIFI-6012: - I believe this issue is a duplicate of NIFI-5460. If not, please indicate what differences you find or additional behavior you expect from a solution to that issue. > NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of > Authoprity > --- > > Key: NIFI-6012 > URL: https://issues.apache.org/jira/browse/NIFI-6012 > Project: Apache NiFi > Issue Type: Improvement > Components: Tools and Build >Reporter: Erik Anderson >Priority: Major > > Original details are here. > [link certificate chain of trust > |https://mail-archives.apache.org/mod_mbox/nifi-dev/201902.mbox/%3Cb7825d4c-8cdb-4b2e-b625-7942ce067292%40www.fastmail.com%3E] > When running the NiFi toolkit ../bin/tls-toolkit.sh server, how do I get the > server to include an additional public certificate of authority in the > truststore.jks file? > I was looking through the nifi-toolkit-tls code, > For the start sequences of the > ../bin/tls-toolkit.sh server > I would like to recommend an additional option in the client (or server mode) > --additionalTrust=[keystore alias],[keystore alias],[keystore alias] > What this would do is when a client calls the tls-toolkit.sh server, the > server would extract these alias stored in the nifi-ca-keystore.jks, and add > to the returned truststore.jks file. > Example: > --additionalTrust: nifi-cli, digicert, myca > There seems to be a feature in > ../bin/tls-toolkit.sh standalone > --additionalCACertificate > Which might be a similar feature. > This would allow an enterprise that installs MITM proxies, to include > additional certificates into the trust chain. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (NIFI-6012) NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of Authoprity
[ https://issues.apache.org/jira/browse/NIFI-6012?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andy LoPresto updated NIFI-6012: Labels: certificate security tls tls-toolkit (was: ) > NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of > Authoprity > --- > > Key: NIFI-6012 > URL: https://issues.apache.org/jira/browse/NIFI-6012 > Project: Apache NiFi > Issue Type: Improvement > Components: Tools and Build >Reporter: Erik Anderson >Assignee: Andy LoPresto >Priority: Major > Labels: certificate, security, tls, tls-toolkit > > Original details are here. > [link certificate chain of trust > |https://mail-archives.apache.org/mod_mbox/nifi-dev/201902.mbox/%3Cb7825d4c-8cdb-4b2e-b625-7942ce067292%40www.fastmail.com%3E] > When running the NiFi toolkit ../bin/tls-toolkit.sh server, how do I get the > server to include an additional public certificate of authority in the > truststore.jks file? > I was looking through the nifi-toolkit-tls code, > For the start sequences of the > ../bin/tls-toolkit.sh server > I would like to recommend an additional option in the client (or server mode) > --additionalTrust=[keystore alias],[keystore alias],[keystore alias] > What this would do is when a client calls the tls-toolkit.sh server, the > server would extract these alias stored in the nifi-ca-keystore.jks, and add > to the returned truststore.jks file. > Example: > --additionalTrust: nifi-cli, digicert, myca > There seems to be a feature in > ../bin/tls-toolkit.sh standalone > --additionalCACertificate > Which might be a similar feature. > This would allow an enterprise that installs MITM proxies, to include > additional certificates into the trust chain. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Resolved] (NIFI-6012) NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of Authoprity
[ https://issues.apache.org/jira/browse/NIFI-6012?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Andy LoPresto resolved NIFI-6012. - Resolution: Duplicate Assignee: Andy LoPresto > NiFi toolkit, tls-toolkit.sh server, doesnt support 3rd party Certificate of > Authoprity > --- > > Key: NIFI-6012 > URL: https://issues.apache.org/jira/browse/NIFI-6012 > Project: Apache NiFi > Issue Type: Improvement > Components: Tools and Build >Reporter: Erik Anderson >Assignee: Andy LoPresto >Priority: Major > > Original details are here. > [link certificate chain of trust > |https://mail-archives.apache.org/mod_mbox/nifi-dev/201902.mbox/%3Cb7825d4c-8cdb-4b2e-b625-7942ce067292%40www.fastmail.com%3E] > When running the NiFi toolkit ../bin/tls-toolkit.sh server, how do I get the > server to include an additional public certificate of authority in the > truststore.jks file? > I was looking through the nifi-toolkit-tls code, > For the start sequences of the > ../bin/tls-toolkit.sh server > I would like to recommend an additional option in the client (or server mode) > --additionalTrust=[keystore alias],[keystore alias],[keystore alias] > What this would do is when a client calls the tls-toolkit.sh server, the > server would extract these alias stored in the nifi-ca-keystore.jks, and add > to the returned truststore.jks file. > Example: > --additionalTrust: nifi-cli, digicert, myca > There seems to be a feature in > ../bin/tls-toolkit.sh standalone > --additionalCACertificate > Which might be a similar feature. > This would allow an enterprise that installs MITM proxies, to include > additional certificates into the trust chain. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Created] (MINIFICPP-733) librdkafka logs go to stdout
Jeremy Dyer created MINIFICPP-733: - Summary: librdkafka logs go to stdout Key: MINIFICPP-733 URL: https://issues.apache.org/jira/browse/MINIFICPP-733 Project: NiFi MiNiFi C++ Issue Type: Improvement Reporter: Jeremy Dyer Assignee: Jeremy Dyer Fix For: 0.7.0 Currently all the librdkafka logs go to stdout which makes it both annoying in a terminal window and difficult to debug since the logs are in stdout. We should change this so that librdkafka logs go to the same minifi-app.log that already exists and is configuration via the minifi-log.properties file -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Updated] (NIFI-5172) PutElasticsearchHttpRecord does not handle failed records individually
[ https://issues.apache.org/jira/browse/NIFI-5172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joseph Percivall updated NIFI-5172: --- Summary: PutElasticsearchHttpRecord does not handle failed records individually (was: PutElasticSearchRecord does to fail individual recods) > PutElasticsearchHttpRecord does not handle failed records individually > -- > > Key: NIFI-5172 > URL: https://issues.apache.org/jira/browse/NIFI-5172 > Project: Apache NiFi > Issue Type: Improvement >Affects Versions: 1.6.0 >Reporter: Juan C. Sequeiros >Assignee: Joseph Percivall >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > My observation and not sure if working as expected but when I send my output > from MergeRecord ( set to 1 ) max number of records and one of those > records has an invalid timestamp "bogusdata" value ES rejects it, rightly so > since on ES we have a schema template more granular and is expecting > timestamp as type "date". > > From USER forums Matt Burgess: > Yes the current behavior is to move the entire input flowfile to > failure if any errors occur. Some other record-aware processors create > separate flow files for failed and successful records, but > PutElasticsearchHttpRecord does not (yet) do that. Please feel free to > write a Jira for this improvement. > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[GitHub] JPercivall opened a new pull request #3299: NIFI-5172 Adding the ability to specify a record writer for PutElasti…
JPercivall opened a new pull request #3299: NIFI-5172 Adding the ability to specify a record writer for PutElasti… URL: https://github.com/apache/nifi/pull/3299 …csearchHttpRecord in order to individually handle failed records Thank you for submitting a contribution to Apache NiFi. In order to streamline the review of the contribution we ask you to ensure the following steps have been taken: ### For all changes: - [X] Is there a JIRA ticket associated with this PR? Is it referenced in the commit message? - [X] Does your PR title start with NIFI- where is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character. - [X] Has your PR been rebased against the latest commit within the target branch (typically master)? - [X] Is your initial contribution a single, squashed commit? ### For code changes: - [X] Have you ensured that the full suite of tests is executed via mvn -Pcontrib-check clean install at the root nifi folder? - [X] Have you written or updated unit tests to verify your changes? - [X] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)? - [X] If applicable, have you updated the LICENSE file, including the main LICENSE file under nifi-assembly? - [X] If applicable, have you updated the NOTICE file, including the main NOTICE file found under nifi-assembly? - [X] If adding new Properties, have you added .displayName in addition to .name (programmatic access) for each of the new properties? ### For documentation related changes: - [X] Have you ensured that format looks appropriate for the output in which it is rendered? ### Note: Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[jira] [Updated] (NIFI-5172) PutElasticSearchRecord does to fail individual recods
[ https://issues.apache.org/jira/browse/NIFI-5172?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Joseph Percivall updated NIFI-5172: --- Status: Patch Available (was: Open) PR up here: https://github.com/apache/nifi/pull/3299 > PutElasticSearchRecord does to fail individual recods > - > > Key: NIFI-5172 > URL: https://issues.apache.org/jira/browse/NIFI-5172 > Project: Apache NiFi > Issue Type: Improvement >Affects Versions: 1.6.0 >Reporter: Juan C. Sequeiros >Assignee: Joseph Percivall >Priority: Minor > Time Spent: 10m > Remaining Estimate: 0h > > My observation and not sure if working as expected but when I send my output > from MergeRecord ( set to 1 ) max number of records and one of those > records has an invalid timestamp "bogusdata" value ES rejects it, rightly so > since on ES we have a schema template more granular and is expecting > timestamp as type "date". > > From USER forums Matt Burgess: > Yes the current behavior is to move the entire input flowfile to > failure if any errors occur. Some other record-aware processors create > separate flow files for failed and successful records, but > PutElasticsearchHttpRecord does not (yet) do that. Please feel free to > write a Jira for this improvement. > > > -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[GitHub] MikeThomsen commented on issue #2635: NIFI-5071 Create a Processor to write the contents of a FlowFile to OpenTSDB
MikeThomsen commented on issue #2635: NIFI-5071 Create a Processor to write the contents of a FlowFile to OpenTSDB URL: https://github.com/apache/nifi/pull/2635#issuecomment-462196551 @Bright-Liu it might be a good idea for you to turn this into an independent project and advertise it to the community on the user list instead. We're starting to hit a point where the committers and PMC are having a hard time keeping up with the breadth of requests for new systems in terms of being able to understand them well enough to officially support them. If you'd like some help in turning this into an independent package, I can point you in the right direction and get you started. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] MikeThomsen commented on issue #2546: NIFI-4975 Add GridFS processors
MikeThomsen commented on issue #2546: NIFI-4975 Add GridFS processors URL: https://github.com/apache/nifi/pull/2546#issuecomment-462196154 @zenfenan @mattyb149 anyone? This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] MikeThomsen commented on issue #3041: NIFI-5224 Added SolrClientService.
MikeThomsen commented on issue #3041: NIFI-5224 Added SolrClientService. URL: https://github.com/apache/nifi/pull/3041#issuecomment-462196060 @patricker @bbende anything left to be done here or can we merge? This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
