[ https://issues.apache.org/jira/browse/NIFI-7333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
David Handermann resolved NIFI-7333. ------------------------------------ Fix Version/s: 1.16.0 Resolution: Fixed > OIDC provider should use NiFi keystore & truststore > --------------------------------------------------- > > Key: NIFI-7333 > URL: https://issues.apache.org/jira/browse/NIFI-7333 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework, Security > Affects Versions: 1.11.4 > Reporter: Andy LoPresto > Assignee: Nathan Gough > Priority: Major > Labels: keystore, oidc, security, tls > Fix For: 1.16.0 > > Time Spent: 0.5h > Remaining Estimate: 0h > > The OIDC provider uses generic HTTPS requests to the OIDC IdP, but does not > configure these requests to use the NiFi keystore or truststore. Rather, it > uses the default JVM keystore and truststore, which leads to difficulty > debugging PKIX and other TLS negotiation errors. It should be switched to use > the NiFi keystore and truststore as other NiFi framework services do. -- This message was sent by Atlassian Jira (v8.20.1#820001)