[NIFI-3691] Provide utility to verify configured security settings and certificates - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: None
Component/s: Configuration
Labels:

Description

It would be helpful to provide a utility that could analyze keystores/truststores to verify compatibility and expected behavior with configured security settings such as two way SSL (right hostname, alias, etc). The idea is that as a diagnostic tool, we could provide users with some help to verify and troubleshoot any issues that may exist with certificates outside of more expensive change/restart loops with NiFi. As a follow-on, it would be helpful to get a listing of key properties about the configured keystore/truststore or files provided. An extension of this might additionally setup a client/server test with the utility between instances, again, to verify correct operation without doing so in NiFi itself as suggested by the parent ticket.

It would be nice to provide this as part of the NiFi release and accessible via nifi.sh. By extension, the functionality could also appear in the TLS toolkit.

Attachments

Issue Links

is a parent of

NIFI-7673 Toolkit in diagnostic mode should verify independent node

Resolved

is part of

NIFI-5458 Improve NiFi TLS and certificate management

Resolved

Sub-Tasks

1.	Toolkit diagnostic for Cluster configuration		Resolved	Veda Kadam
2.	Toolkit diagnostic should verify user provisions and policies		Resolved	Veda Kadam

Activity

People

Assignee:: Unassigned

Reporter:: Aldrin Piri

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 11/Apr/17 12:53

Updated:: 03/Jan/24 02:54