Bryan Rosander created NIFI-2621:
------------------------------------
Summary: NiFi CertificateUtils can reuse serial numbers in issued
certificates if multiple calls are made in the same millisecond
Key: NIFI-2621
URL: https://issues.apache.org/jira/browse/NIFI-2621
Project: Apache NiFi
Issue Type: Bug
Reporter: Bryan Rosander
Assignee: Bryan Rosander
Serial numbers on certificates should be unique. CertificateUtils currently
uses System.currentTimeMillis() to generate them.
Proposed solution:
1. Use the current time in millis as the most significant part of the serial
number
2. Shift it left 32 bits to make room in the BigInteger for an incrementor value
3. Reset the incrementor every time a the generator function is called and the
millisecond is different from before
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
