[NIFI-2943] tls-toolkit pkcs12 truststore 0 entries - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.0.0
Fix Version/s: 1.1.0
Component/s: Tools and Build
Labels:
- pkcs12
- security
- tls
- tls-toolkit

Description

When pkcs12 is used by the tls-toolkit, the resulting truststore has no entries when inspected by the keytool and the tls-toolkit certificate authority certificate is not trusted by NiFi.

This seems to be due to the Java pkcs12 provider not supporting certificate entries:
http://stackoverflow.com/questions/3614239/pkcs12-java-keystore-from-ca-and-user-certificate-in-java#answer-3614405

The Bouncy Castle provider does seem to support certificates but we may not want to explicitly use that provider from within NiFi.

Attachments

Issue Links

relates to

NIFI-10932 NiFi Toolkit CLI cannot connect to NiFi - trustAnchors parameter must be non-empty

Resolved

links to

GitHub Pull Request #1165

Activity

People

Assignee:: Bryan Rosander

Reporter:: Bryan Rosander

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 25/Oct/16 18:18

Updated:: 24/Jan/23 03:28

Resolved:: 17/Nov/16 18:57