On Wed, Oct 14, 2020 at 3:59 PM Nathan Gough wrote:
>
> Is there a reason each ListenHTTP has a unique SSLContextService if they're
> all using the same certificates?
>
> If it were me, I'd use a single shared SSLContextService, and when I needed
> to update the certificate in the
go the direction you suggested
From: Nathan Gough
Reply-To: "users@nifi.apache.org"
Date: Wednesday, October 14, 2020 at 1:59 PM
To: "users@nifi.apache.org"
Subject: Re: [EXT] Re: sslcontext certs
Is there a reason each ListenHTTP has a unique SSLContextService if they're
Is there a reason each ListenHTTP has a unique SSLContextService if they're
all using the same certificates?
If it were me, I'd use a single shared SSLContextService, and when I needed
to update the certificate in the keystore/truststore, I would change it on
disk by renaming the old file and
Micron Confidential
I've found this annoying in the past as well. I would not be opposed to an
additional implementation of the SSLContext that uses the NiFi certs by
default, though... if it uses the client certificate as well you'd have to make
it restricted, so as to prevent users from