Is there no great way of doing this? Seems like it would solve a lot of problems for us: providing the context rather than key/truststore paths and properties will work a lot more cleanly.
Cheers! Nathan On Wed, Oct 7, 2020 at 5:22 PM Nathan Gough <thena...@gmail.com> wrote: > Hi Enrico, > > Yes, the goal is to be strict about what protocols and ciphers to allow. > We have an SSLContext factory we use consistently across NiFi to provide a > better security guarantee. > > On Wed, Oct 7, 2020 at 5:13 PM Enrico Olivelli <eolive...@gmail.com> > wrote: > >> Nathan, >> >> Il Mer 7 Ott 2020, 23:06 Nathan Gough <thena...@gmail.com> ha scritto: >> >> > Hi, >> > >> > I develop for Apache NiFi and was working on adding TLS to one of our >> > clients that use Zookeeper. I was wondering if it's possible to inject a >> > custom SSLContext similar in concept to this ticket: >> > >> > https://issues.apache.org/jira/browse/ZOOKEEPER-2643 >> > >> > I can't see a way to provide this through the ZooKeeperAdmin interface. >> > >> >> Why do you need to inject a custom SSLContext? Can you explain a little >> more? Is it about limiting ciphers or protocols.... >> >> Enrico >> >> >> > Thanks! >> > Nathan >> > >> >
