[jira] [Resolved] (NIFI-7333) OIDC provider should use NiFi keystore & truststore

David Handermann (Jira) Fri, 18 Feb 2022 12:24:05 -0800


     [ 
https://issues.apache.org/jira/browse/NIFI-7333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


David Handermann resolved NIFI-7333.
------------------------------------
    Fix Version/s: 1.16.0
       Resolution: Fixed

> OIDC provider should use NiFi keystore & truststore
> ---------------------------------------------------
>
>                 Key: NIFI-7333
>                 URL: https://issues.apache.org/jira/browse/NIFI-7333
>             Project: Apache NiFi
>          Issue Type: Bug
>          Components: Core Framework, Security
>    Affects Versions: 1.11.4
>            Reporter: Andy LoPresto
>            Assignee: Nathan Gough
>            Priority: Major
>              Labels: keystore, oidc, security, tls
>             Fix For: 1.16.0
>
>          Time Spent: 0.5h
>  Remaining Estimate: 0h
>
> The OIDC provider uses generic HTTPS requests to the OIDC IdP, but does not 
> configure these requests to use the NiFi keystore or truststore. Rather, it 
> uses the default JVM keystore and truststore, which leads to difficulty 
> debugging PKIX and other TLS negotiation errors. It should be switched to use 
> the NiFi keystore and truststore as other NiFi framework services do. 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (NIFI-7333) OIDC provider should use NiFi keystore & truststore

Reply via email to