-
Type:
Improvement
-
Status: Open
-
Priority:
Major
-
Resolution: Unresolved
-
Affects Version/s: 0.5.0
-
Fix Version/s: None
-
Component/s: Core Framework
-
Labels:
A common complaint new users have is that they try to configure a GetHTTP or InvokeHTTP processor to communicate with an external site using TLS and it fails due to certificate validation exceptions. By automatically importing the contents of $JAVA_HOME/jre/lib/security/cacerts into the NiFi local truststore, we could eliminate this obstacle. However, this may not be expected behavior for users who wish to configure a custom truststore to be more discriminating on TLS connections.
Investigate this issue and discuss on mailing list.