[
https://issues.apache.org/jira/browse/MINIFICPP-607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16616361#comment-16616361
]
ASF GitHub Bot commented on MINIFICPP-607:
------------------------------------------
Github user apiri commented on the issue:
https://github.com/apache/nifi-minifi-cpp/pull/398
reviewing
> Remove host and peer verification bypass configuration option
> -------------------------------------------------------------
>
> Key: MINIFICPP-607
> URL: https://issues.apache.org/jira/browse/MINIFICPP-607
> Project: NiFi MiNiFi C++
> Issue Type: Improvement
> Affects Versions: 0.5.0
> Reporter: Andy LoPresto
> Assignee: Mr TheSegfault
> Priority: Critical
> Labels: certificate, configuration, cryptography, security, tls,
> verification
>
> There is a [section of the MiNiFi C++
> documentation|https://github.com/apache/nifi-minifi-cpp/#sitetosite-security-configuration]
> which instructs the user on how to bypass host and peer verification when
> making secure connections. These configuration options should be removed, and
> users should configure the certificates correctly.
> {quote}
> If during testing you have a need to disable host or peer verification, you
> may use the following options:
> # in minifi.properties
> nifi.security.client.disable.host.verification=true
> nifi.security.client.disable.peer.verification=true
> {quote}
> Spoke to Marc Parisi off list and he asked me to assign to him.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
