[ https://issues.apache.org/jira/browse/NIFI-3331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15866624#comment-15866624
]
ASF GitHub Bot commented on NIFI-3331:
--------------------------------------
Github user alopresto commented on a diff in the pull request:
https://github.com/apache/nifi/pull/1491#discussion_r101138034
--- Diff: nifi-toolkit/nifi-toolkit-tls/src/main/java/org/apache/nifi/toolkit/tls/service/client/TlsCertificateAuthorityClientCommandLine.java
---
@@ -110,13 +113,18 @@ protected String getDnHostname() {
protected CommandLine doParse(String[] args) throws CommandLineParseException {
CommandLine commandLine = super.doParse(args);
certificateDirectory = commandLine.getOptionValue(CERTIFICATE_DIRECTORY, DEFAULT_CERTIFICATE_DIRECTORY);
+ domaineAlternativeName = commandLine.getOptionValue(SUBJECT_ALTERNATIVE_NAME);
return commandLine;
}
public String getCertificateDirectory() {
return certificateDirectory;
}
+ public String getDomaineAlternativeName() {
--- End diff --
Same comment about typo.
> TLS Toolkit - add the possibility to define a SAN in issued certificates
> ------------------------------------------------------------------------
>
> Key: NIFI-3331
> URL: https://issues.apache.org/jira/browse/NIFI-3331
> Project: Apache NiFi
> Issue Type: Improvement
> Components: Tools and Build
> Reporter: Pierre Villard
> Assignee: Pierre Villard
> Labels: tls-toolkit
> Fix For: 1.2.0
>
>
> To ease the deployment of a load balancer in front of NiFi, it would be nice to allow
users to define a SAN in certificates issued by the CA.
> To load balance the access to the UI or even with a ListenHTTP processor, both will cause
errors with a "Host mismatch" kind of error because of different fqdn between nodes certificate
and LB certificate. This is also discussed here: http://stackoverflow.com/questions/40035356/nifi-load-balancer
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
|