fgerlits opened a new pull request #947: URL: https://github.com/apache/nifi-minifi-cpp/pull/947
https://issues.apache.org/jira/browse/MINIFICPP-1401 If the (new) `nifi.security.use.system.cert.store` property is set to true, then read client and server certificates from the Windows system store if no certificate file is given in the properties. On Linux/Mac, only server certificates are supported, and even that is untested. By default, we use `LocalMachine/ROOT` ("Trusted Root Certification Authorities") as the server cert store and `LocalMachine/MY` ("Personal") as the client cert store, but these can be overridden by setting the `nifi.security.windows.cert.store.location` (default: `LocalMachine`) `nifi.security.windows.server.cert.store` (default: `ROOT`) `nifi.security.windows.client.cert.store` (default: `MY`) properties. If `nifi.security.windows.client.cert.cn` is given a non-empty value, then the client certificate will only be accepted if it has this CN (in the Subject). `nifi.security.windows.client.cert.key.usage` can contain a list of comma-separated Extended Key Usage strings; the default is "Client Authentication". The client certificate will only be accepted if its Extended Key Usage contains all these key usages (it is allowed to contain more). --- Thank you for submitting a contribution to Apache NiFi - MiNiFi C++. In order to streamline the review of the contribution we ask you to ensure the following steps have been taken: ### For all changes: - [x] Is there a JIRA ticket associated with this PR? Is it referenced in the commit message? - [x] Does your PR title start with MINIFICPP-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character. - [x] Has your PR been rebased against the latest commit within the target branch (typically main)? - [x] Is your initial contribution a single, squashed commit? ### For code changes: - [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)? - [ ] If applicable, have you updated the LICENSE file? - [ ] If applicable, have you updated the NOTICE file? ### For documentation related changes: - [ ] Have you ensured that format looks appropriate for the output in which it is rendered? ### Note: Please ensure that once the PR is submitted, you check GitHub Actions CI results for build issues and submit an update to your PR as soon as possible. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
