[ https://issues.apache.org/jira/browse/NIFI-4942?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16437847#comment-16437847 ]
ASF GitHub Bot commented on NIFI-4942: -------------------------------------- Github user YolandaMDavis commented on the issue: https://github.com/apache/nifi/pull/2628 Spoke with @alopresto offline. He highlighted that is it important to maintain control of location of secure-hash.key file in order to prevent calling application from piping into a file that is controlled externally. We want to keep it as secured as possible. Concerning the documentation update recommendation that can be addressed in a separate item. +1 Will merge shortly > NiFi Toolkit - Allow migration of master key without previous password > ---------------------------------------------------------------------- > > Key: NIFI-4942 > URL: https://issues.apache.org/jira/browse/NIFI-4942 > Project: Apache NiFi > Issue Type: Improvement > Components: Tools and Build > Affects Versions: 1.5.0 > Reporter: Yolanda M. Davis > Assignee: Andy LoPresto > Priority: Major > > Currently the encryption cli in nifi toolkit requires that, in order to > migrate from one master key to the next, the previous master key or password > should be provided. In cases where the provisioning tool doesn't have the > previous value available this becomes challenging to provide and may be prone > to error. In speaking with [~alopresto] we can allow toolkit to support a > mode of execution such that the master key can be updated without requiring > the previous password. Also documentation around it's usage should be updated > to be clear in describing the purpose and the type of environment where this > command should be used (admin only access etc). -- This message was sent by Atlassian JIRA (v7.6.3#76005)