[jira] [Assigned] (NIFI-7333) OIDC provider should use NiFi keystore & truststore

Nathan Gough (Jira) Mon, 07 Feb 2022 18:46:06 -0800


     [ 
https://issues.apache.org/jira/browse/NIFI-7333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nathan Gough reassigned NIFI-7333:
----------------------------------

    Assignee: Nathan Gough  (was: David Handermann)

> OIDC provider should use NiFi keystore & truststore
> ---------------------------------------------------
>
>                 Key: NIFI-7333
>                 URL: https://issues.apache.org/jira/browse/NIFI-7333
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework, Security
>    Affects Versions: 1.11.4
>            Reporter: Andy LoPresto
>            Assignee: Nathan Gough
>            Priority: Major
>              Labels: keystore, oidc, security, tls
>
> The OIDC provider uses generic HTTPS requests to the OIDC IdP, but does not 
> configure these requests to use the NiFi keystore or truststore. Rather, it 
> uses the default JVM keystore and truststore, which leads to difficulty 
> debugging PKIX and other TLS negotiation errors. It should be switched to use 
> the NiFi keystore and truststore as other NiFi framework services do. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Assigned] (NIFI-7333) OIDC provider should use NiFi keystore & truststore

Reply via email to