Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-8088

Remove PKCS12 Deprecation Warning in KeyStoreUtils

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 1.12.1
    • 1.13.0
    • None

    Description

      KeyStoreUtils.getTrustStore() logs a warning message indicating the PKCS12 trust stores are deprecated in favor of JKS.  JEP 229 changed the default key store type to PKCS12 starting with Java 9. The Site to Site Client, GetHTTP, and PostHTTP Processors use the KeyStoreUtils.getTrustStore() method. The method itself checks the trust store type, logs the warning for PKCS12 and delegates to KeyStoreUtils.getKeyStore().

      References to KeyStoreUtils.getTrustStore() should be replaced with KeyStoreUtils.getKeyStore() and the getTrustStore() method should be removed to avoid confusing log warnings in deployments where PKCS12 trust stores are used.

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. NIFI-10932 NiFi Toolkit CLI cannot connect to NiFi - trustAnchors parameter must be non-empty

          • Major - Major loss of function.
          • Resolved
          links to

          Web Link GitHub Pull Request #4727

          Activity

            People

              exceptionfactory David Handermann
              exceptionfactory David Handermann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 50m
                  50m