Andy LoPresto created NIFI-5400:
-----------------------------------
Summary: NiFiHostnameVerifier should be replaced
Key: NIFI-5400
URL: https://issues.apache.org/jira/browse/NIFI-5400
Project: Apache NiFi
Issue Type: Improvement
Components: Core Framework
Affects Versions: 1.7.0
Reporter: Andy LoPresto
The {{NiFiHostnameVerifier}} does not handle wildcard certificates or complex
{{SubjectAlternativeNames}}. It should be replaced with a more full-featured
implementation, like {{OkHostnameVerifier}} from {{okhttp}} or
{{DefaultHostnameVerifier}} from {{http-client}}. Either of these options
requires introducing a new Maven dependency to {{nifi-commons}} and requires
further investigation.
*Note: * the {{sun.net.www.protocol.httpsDefaultHostnameVerifier}} simply
returns {{false}} on all inputs and is not a valid solution.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
