[jira] [Created] (NIFI-15836) Support PEM keys in Kafka3ConnectionService

Jira Tue, 14 Apr 2026 05:23:22 -0700

Alaksiej Ščarbaty created NIFI-15836:
----------------------------------------


             Summary: Support PEM keys in Kafka3ConnectionService
                 Key: NIFI-15836
                 URL: https://issues.apache.org/jira/browse/NIFI-15836
             Project: Apache NiFi
          Issue Type: Improvement
          Components: Extensions
    Affects Versions: 2.9.0
            Reporter: Alaksiej Ščarbaty
            Assignee: Alaksiej Ščarbaty


Currently `Kafka3ConnectionService` supports only file-based 
`SSLContextService`. `SSLContextProvider`, which is a parent of 
`SSLContextService`, can't be used in the controller service.

`PEMEncodedSSLContextProvider` is an `SSLContextProvider`, thus can't be used 
with the controller service.

*Goal*

`Kafka3ConnectionService` should accept a parent - `SSLContextProvider` instead.

If the provided service is `SSLContextService`, we keep the current file-based 
behavior.

Otherwise a custom `SslEngineFactory` (introduced in 
[KIP-519|https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=128650952])
 is used. Thanks to that it will be possible to support any 
`SSLContextProvider` implementation, not only `PEMEncodedSSLContextProvider`.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (NIFI-15836) Support PEM keys in Kafka3ConnectionService

Reply via email to