nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (NIFI-3331) TLS Toolkit - add the possibility to define a SAN in issued certificates
Date Tue, 14 Feb 2017 20:42:41 GMT


ASF GitHub Bot commented on NIFI-3331:

Github user alopresto commented on a diff in the pull request:
    --- Diff: nifi-toolkit/nifi-toolkit-tls/src/main/java/org/apache/nifi/toolkit/tls/service/client/
    @@ -41,12 +41,14 @@
     public class TlsCertificateAuthorityClientCommandLine extends BaseCertificateAuthorityCommandLine
         public static final String DESCRIPTION = "Generates a private key and gets it signed
by the certificate authority.";
         public static final String CERTIFICATE_DIRECTORY = "certificateDirectory";
    +    public static final String SUBJECT_ALTERNATIVE_NAME = "subjectAlternativeName";
         public static final String DEFAULT_CERTIFICATE_DIRECTORY = ".";
         private final Logger logger = LoggerFactory.getLogger(TlsCertificateAuthorityClientCommandLine.class);
         private final InputStreamFactory inputStreamFactory;
         private String certificateDirectory;
    +    private String domaineAlternativeName;
    --- End diff --
    Will change with fix in ``. 

> TLS Toolkit - add the possibility to define a SAN in issued certificates
> ------------------------------------------------------------------------
>                 Key: NIFI-3331
>                 URL:
>             Project: Apache NiFi
>          Issue Type: Improvement
>          Components: Tools and Build
>            Reporter: Pierre Villard
>            Assignee: Pierre Villard
>              Labels: tls-toolkit
>             Fix For: 1.2.0
> To ease the deployment of a load balancer in front of NiFi, it would be nice to allow
users to define a SAN in certificates issued by the CA.
> To load balance the access to the UI or even with a ListenHTTP processor, both will cause
errors with a "Host mismatch" kind of error because of different fqdn between nodes certificate
and LB certificate. This is also discussed here:

This message was sent by Atlassian JIRA

View raw message