David Handermann created NIFI-14027:
---------------------------------------
Summary: Add SSLContextProvider Controller Service Interface
Key: NIFI-14027
URL: https://issues.apache.org/jira/browse/NIFI-14027
Project: Apache NiFi
Issue Type: Improvement
Components: Extensions
Reporter: David Handermann
Assignee: David Handermann
The {{SSLContextService}} Controller Service interface supports TLS
communication for a wide range for extension components and includes methods
for creating Java {{SSLContext}} objects and retrieving configuration
properties. The majority of extension components require initialized
{{SSLContext}} objects or the supporting {{KeyManager}} and {{TrustManager}}
objects. A small number of extension components use individual configuration
properties to support other libraries that handle {{SSLContext}} construction.
In order to provide better separation between configuration properties and TLS
communication objects, a new {{SSLContextProvider}} Controller Service
interface should be added to the {{nifi-ssl-context-service-api}} module. This
interface should declare the same {{createContext}} and {{createTrustManager}}
methods that the {{SSLContextService}} provides so that it can serve as a
parent interface for {{SSLContextService}}. This change will support updates to
integrating components, allowing them to depend on {{SSLContextProvider}}
instead of {{SSLContextService}}.
The new {{SSLContextProvider}} interface will support subsequent introduction
of support for configuring PEM Key and Certificate files in a way that ensures
compatibility without implying access to the files themselves.
This approach retains compatibility with existing external Processors and
Controller Services that depend on {{SSLContextService}}.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
