Commit Graph

70 Commits

Author SHA1 Message Date
Bryan Rosander 0cc1765531 NIFI-2823 - Adding nifiDnPrefix, nifiDnSuffix options to standalone tls-toolkit
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #1066
2016-11-09 16:49:04 -05:00
Andy LoPresto 89eb2ce28c
NIFI-2652 Provided key migration capability for encrypted config tool.
Added test resources with 128-bit encryption for environments without unlimited strength cryptographic jurisdiction policies installed. All tests pass in both 128- and 256-bit environments. (+8 squashed commits)
Squashed commits:
[55f127c] NIFI-2652 Updated Admin Guide with instructions for encrypted config key migration.
[05abf0e] NIFI-2652 Added unit tests for negative cases for migration argument parsing.
Cleaned up TODOs and comments.
[9b73b22] NIFI-2652 Removed SCrypt mock from one unit test that didn't need it. Test pollution is removed and all tests pass.
[d17ea77] NIFI-2652 Removed SCrypt mock from one redundant unit test. One offender remains ignored.
[0924ce0] NIFI-2652 Removed SCrypt mock from one unit test that did not need it. Two offenders remain ignored.
[cb5f850] NIFI-2652 Expanded unit test for combinations into individual tests due to System.exit() only be capturable once per test.
Three tests which mock Scrypt for speed are temporarily ignored to perform test pollution identification.
[c9cc5dc] NIFI-2652 Added logic and unit test for all combinations of original key/password and new key/password.
[19713ec] NIFI-2652 Implemented first pass of key migration logic and provided single comprehensive unit test.

This closes #1186.
2016-11-07 15:33:10 -08:00
Bryan Rosander 8c09bef4f8 NIFI-2937 - Adding configJsonIn option to tls-toolkit client and server
This closes #1158

Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>
2016-10-25 14:30:04 -04:00
Bryan Rosander 4e13fef724
NIFI-2783 - Site-to-site command line client - s2s.sh shell script warnings -> stderr, usage improvement with examples - Increasing heap settings for s2s cli
This closes #1056.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-09-30 09:12:16 -04:00
Andy LoPresto bc50329d5e
NIFI-2688 Fixed regex pattern for European and Australian time zones in serialized nifi.properties.
This closes #974.
2016-08-31 15:21:04 -07:00
jpercivall 1752a57197 Merge branch 'NIFI-2676-rc1' of https://git-wip-us.apache.org/repos/asf/nifi 2016-08-31 14:01:57 +10:00
Koji Kawamura 6916c5363a
NIFI-2686: Confusing log No hostnames specified
instanceDefinitions.isEmpty() was negate wrongly.

This closes #965.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-08-29 10:43:11 -07:00
Joseph Percivall 1fe18a1567 NIFI-2676-rc1 prepare for next development iteration 2016-08-26 11:40:58 -04:00
Joseph Percivall 74d5224783 NIFI-2676-rc1 prepare release nifi-1.0.0-RC1 2016-08-26 11:40:44 -04:00
Bryan Rosander e9da90812b NIFI-2650 - Adding dependency on nifi-resources to match maven-dependency-plugin
This closes #936

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-24 21:31:29 -04:00
Andy LoPresto 1a9d505b4e NIFI-2640 Fixed Windows encrypt-config.bat script to correctly invoke ConfigEncryptionTool. - Resolved failing Windows tests by adding OS-agnostic file permission read/write methods and new regex for different date formats. - Ignored tests that fail on Windows due to file permission and line ending issues. These are captured in NIFI-2644.
This closes #925

Signed-off-by: jpercivall <joepercivall@yahoo.com>
2016-08-24 17:07:35 -04:00
Andy LoPresto c638191a47
NIFI-1831 Added internal logic and command-line tool to allow AES-encrypted sensitive configuration values in nifi.properties.
This closes #834.
2016-08-23 20:34:31 -07:00
Bryan Rosander d4bbd647c5
NIFI-2586 - Javadocs, ExitCode cleanup, password generation improvement, setting cluster secure to true, making properties writer more flexible
This closes #879.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-08-18 09:26:32 -04:00
Matt Gilman 3f7216ab84 NIFI-2561: - Decoupling kerberos service and spnego principles and keytabs.
Signed-off-by: Yolanda M. Davis <ymdavis@apache.org>

This closes #873
2016-08-17 08:14:05 -04:00
Bryan Rosander 2fd39676a8
NIFI-2569 - Multiple instances on same host, range enhancements, nifi.properties incrementing ports NIFI-2569 - Updating main class in windows bat file
This closes #861.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-08-16 15:20:46 -04:00
Bryan Rosander fa5da543e6
NIFI-2526 - DN order, multiple standalone runs, client certificates
- Logic for sorting DN, reversing X500Names before using them to generate certificate
- Logging reordered dn
- Accounting for limited crypto pkcs12, allowing password specification for client certificates
- Updating tests to work with or without jce unlimited
- Loading keystore for test in try-with

This closes #824.

Signed-off-by: Bryan Bende <bbende@apache.org>
2016-08-15 10:21:34 -04:00
Bryan Rosander 2dc094765d NIFI-2516 - Extract version info into parent pom, upgrade to commons-io 2.5
NIFI-2516 - Removing slf4j-api, version from slf4j-log4j12

This closes #809.
2016-08-09 22:43:29 +02:00
Joseph Percivall 8d380dcdac NIFI-2497 Fixing testOutputDirectory to be system agnostic
This closes #795
2016-08-05 12:27:09 -04:00
Bryan Rosander d223423de9
NIFI-2485 Added log messages and default values to standalone tool.
NIFI-2485 - Updating standalone success message (+2 squashed commits)
Squashed commits:
[68638bc] NIFI-2485 - Logging successful host processing in standalone
[9b41e0f] NIFI-2485 - Updating standalone defaults, adding logging

This closes #790.

Signed-off-by: Andy LoPresto <alopresto@apache.org>
2016-08-04 13:53:53 -07:00
Bryan Rosander fa4c6ab03c
NIFI-2193 - Added functionality to automate certificate generation, keystore and truststore generation, and nifi.properties keystore and truststore password population. Follow-on changes will be made under NIFI-2476.
This closes #695.

Signed-off-by: Andy LoPresto <alopresto@apache.org>

Defaulting to same keyStore, key password (+18 squashed commits)
Squashed commits:
[9d01ba0] NIFI-2193 - Fixing typo
[55440bc] NIFI-2193 - Standalone can run as long as there are no conflicting files/folders
[0ca34ed] NIFI-2193 - Fixing some filename, absolute path issues
[9d4f65b] NIFI-2193 - Incorporating feedback
[f7550b4] NIFI-2193 - Cleaning up imports
[59a7637] NIFI-2193 - Updating umask to allow owner to execute
[cf824e7] NIFI-2193 - Moving DN arg to CA service specific parent class
[921ee13] NIFI-2193 - Making keystore getInstance more consistent
[a283c4b] NIFI-2193 - Updating sample config files in assembly to reflect new structure
[8d3a21d] NIFI-2193 - Making TlsHelper static, adding option to use same password for Key, KeyStore
[b13d247] NIFI-2193 - Addressing PR feedback
[46ef8ed] NIFI-2193 - Removing commons-logging, log4j from notice
[d4cf41a] NIFI-2193 - Adding option to specify output file for CA certificate when using cli client
[b74bf25] NIFI-2193 - Removing Bouncy Castle from notice
[6e34f9a] NIFI-2193 - Adding CLI client for easier generation of client certificates
[2924fca] NIFI-2193 - nifi-toolkit-ssl -> nifi-toolkit-tls, removing unused constants
[886167e] NIFI-2193 - Adding slf4j to avoid runtime issue
[082de46] NIFI-2193 - Command line SSL config utility as well as certificate authority client/server
2016-08-03 21:34:11 -07:00