exceptionfactory commented on pull request #4779: URL: https://github.com/apache/nifi/pull/4779#issuecomment-767861874
This PR ended up introducing a lot of additional unit test changes in order to optimize the build process. Upgrading Bouncy Castle to 1.68 resolved the previous issues related to the following exception: `java.security.InvalidKeyException: cannot identify XDH private key` Azul Zulu JDK 11.0.10 included [changes](https://bugs.openjdk.java.net/browse/JDK-8171279) to support X25519 and X448 Elliptic Curves for TLS. This change and other changes to Key Agreement selection appear to have forced the selection of the Bouncy Castle Security Provider in some circumstances. Bouncy Castle 1.67 and 1.68 enhanced support for these Elliptic Curves and TLS 1.3. After introducing the Bouncy Castle version upgrade, several unit tests started failing in different methods due to apparent timeout issues. The test classes for `InvokeHTTP` and `ListenHTTP` as well as `PutTCP` relied on the `SSLContextService` implementation class, which resulted in instantiating a new `SSLContext` for each test method. Refactoring these test classes to initialize `SSLContext` once per test class and mocking `SSLContextService` optimized test performance and appears to have addressed the timeout issues. ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
