[ https://issues.apache.org/jira/browse/NIFI-5586?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Grey resolved NIFI-5586. ----------------------------- Resolution: Won't Do In a recent mailing list discussion [1], a consensus discussion was made to deprecate the module "nifi-toolkit-tls". A set of tickets [2] [3] [4] was opened and resolved to carry out this work. In order to complete this effort, any open tickets in the NIFI project relating to defects, enhancements, etc of "nifi-toolkit-tls" should be marked resolved. [1] https://lists.apache.org/thread/vn1nzobtz4fh7fs461sgg8jj9zygrk0f [2] NIFI-12169 - Documentation updates to provide alternatives to usage of TLS Toolkit [3] NIFI-12200 - Remove nifi-toolkit-tls module [4] NIFI-12201 - Deprecation markings for nifi-toolkit-tls module in support/nifi-1.x > Add capability to generate ECDSA keys to TLS Toolkit > ---------------------------------------------------- > > Key: NIFI-5586 > URL: https://issues.apache.org/jira/browse/NIFI-5586 > Project: Apache NiFi > Issue Type: Improvement > Components: Tools and Build > Affects Versions: 1.7.1 > Reporter: Andy LoPresto > Priority: Major > Labels: cryptography, ecc, ecdsa, security, tls, tls-toolkit > > The TLS Toolkit should be able to generate ECDSA keys to enable NiFi to > support ECDSA cipher suites. > Currently, ECDSA keys can be manually generated using external tools and > loaded into a keystore and truststore that are compatible with NiFi. > {code} > keytool -genkeypair -alias ec -keyalg EC -keysize 256 -sigalg SHA256withECDSA > -validity 365 -storetype JKS -keystore ec-keystore.jks -storepass > passwordpassword > keytool -export -alias ec -keystore ec-keystore.jks -file ec-public.pem > keytool -import -alias ec -file ec-public.pem -keystore ec-truststore.jks > -storepass passwordpassword > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)