Andy LoPresto created NIFI-7333:
-----------------------------------
Summary: OIDC provider should use NiFi keystore & truststore
Key: NIFI-7333
URL: https://issues.apache.org/jira/browse/NIFI-7333
Project: Apache NiFi
Issue Type: Bug
Components: Core Framework, Security
Affects Versions: 1.11.4
Reporter: Andy LoPresto
The OIDC provider uses generic HTTPS requests to the OIDC IdP, but does not
configure these requests to use the NiFi keystore or truststore. Rather, it
uses the default JVM keystore and truststore, which leads to difficulty
debugging PKIX and other TLS negotiation errors. It should be switched to use
the NiFi keystore and truststore as other NiFi framework services do.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
