nifi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tony Kurc (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-1163) GetHTTP throws an NPE if a context service is used with only a truststore and no keystore
Date Sat, 14 Nov 2015 23:12:10 GMT

    [ https://issues.apache.org/jira/browse/NIFI-1163?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15005661#comment-15005661
] 

Tony Kurc commented on NIFI-1163:
---------------------------------

reviewing 

> GetHTTP throws an NPE if a context service is used with only a truststore and no keystore

> ------------------------------------------------------------------------------------------
>
>                 Key: NIFI-1163
>                 URL: https://issues.apache.org/jira/browse/NIFI-1163
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Extensions
>    Affects Versions: 0.3.0
>            Reporter: Aldrin Piri
>            Assignee: Aldrin Piri
>             Fix For: 0.4.0
>
>         Attachments: 0001-NIFI-1163-Providing-handling-of-SSLContext-creation-.patch
>
>
> Consider a one-way SSL connection to an HTTPS endpoint.  We might want to specify a truststore
to talk with that endpoint but not a keystore.
> The problem stems from the following method: 
> {code}
>     private SSLContext createSSLContext(final SSLContextService service)
>             throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException,
KeyManagementException, UnrecoverableKeyException {
>         final KeyStore truststore = KeyStore.getInstance(service.getTrustStoreType());
>         try (final InputStream in = new FileInputStream(new File(service.getTrustStoreFile())))
{
>             truststore.load(in, service.getTrustStorePassword().toCharArray());
>         }
>         final KeyStore keystore = KeyStore.getInstance(service.getKeyStoreType());
>         try (final InputStream in = new FileInputStream(new File(service.getKeyStoreFile())))
{
>             keystore.load(in, service.getKeyStorePassword().toCharArray());
>         }
>         final SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(truststore,
new TrustSelfSignedStrategy()).loadKeyMaterial(keystore, service.getKeyStorePassword().toCharArray()).build();
>         return sslContext;
>     }
> {code}
> In this case there are no keystore properties causing this process to fail.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message