jrebmann
commented
1 year ago I created a pull request https://github.com/cetic/helm-nifi/pull/314 to make it compatible with apache/nifi >= 1.19.0.
Closed jrebmann closed 9 months ago
jrebmann
commented
1 year ago I created a pull request https://github.com/cetic/helm-nifi/pull/314 to make it compatible with apache/nifi >= 1.19.0.
github-actions[bot]
commented
10 months ago This issue is stale because it has not seen recent activity. Remove stale label or comment or this will be closed.
jrebmann
commented
10 months ago The PR for this issue is essential to get in sync with the latest Apache NiFi versions.
Problem description:
I like to run the latest
apache/nificontainer version1.23.2in my kubernetes cluster. The last working nifi version is1.18.0.Analysis:
Since
apache/nifi 1.19.0docker container uses java 11. When changing to this Java version there was a breaking change: The default keystore type changed fromJKStoPKCS12. Source: https://bugs.openjdk.org/browse/JDK-8178828This change causes
cetic/helm-nifito ignore all certificates set viacert-managerandcaSecrets.Solution:
Set the keystore type explicitly to
JKSon importing the certificates by adding-storetype JKSor-deststoretype JKSto thekeytoolcommand.The advantage of this solution is that it is backward compatible and thus works on for java 8.