nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Teoh <chris.t...@gmail.com>
Subject Re: GetHTTP processor to consume public https?
Date Sat, 05 Sep 2015 06:53:38 GMT
I think that makes sense. I don't know how Python does it but using that
was very easy. I'm not familiar with having to generate a keystore or trust
store or both (which one do I use?) to get at public SSL sites. Perhaps
document how to do it if it was a self signed or internally signed
certificate but ideally it should be easy for public internet sites.
On Sat, 5 Sep 2015 at 2:31 pm Joe Witt <joe.witt@gmail.com> wrote:

> would it be feasible to try and look for reasonable default locations
> to find prebuilt keystores to make this sort of thing easier?
>
> ...in addition to documenting it of course.
>
> Thanks
> Joe
>
> On Fri, Sep 4, 2015 at 9:10 PM, Aldrin Piri <aldrinpiri@gmail.com> wrote:
> > The issue for those sites is you need a set of root certificates for the
> > common sites on the web much the same way a browser comes bundled with
> them.
> >
> > The Linux distributions typically come with a prebuilt truststore when
> Java
> > is installed and it lives within /etc/pki/. Exact location escapes me at
> the
> > moment. If you are in another environment, let us know and we can try to
> > help get you setup there.
> >
> > Several people run into this because that one-way SSL is one of those
> things
> > that just works (or is bypassed/ignored when it is not). Not sure if we
> > should have a processor equivalent to a curl -k param (gut feel is a no),
> > but this is at least FAQ material.
> >
> > On Fri, Sep 4, 2015 at 23:44 Chris Teoh <chris.teoh@gmail.com> wrote:
> >>
> >> Hmm sorry I'm not sure. I just want to do a GET request from a site that
> >> returns me JSON like I would using a web browser or a Python script
> where
> >> I'm guessing the certificate side of things are already working.
> >> On Sat, 5 Sep 2015 at 1:41 pm Joe Witt <joe.witt@gmail.com> wrote:
> >>>
> >>> Chris,
> >>>
> >>> It's quite common to interact with SSL services using 1-way or 2-way
> >>> SSL.  Are you just wanting to hit something with 1-way SSL?  What
> >>> happens when you try it?
> >>>
> >>> Thanks
> >>> Joe
> >>>
> >>> On Wed, Sep 2, 2015 at 3:32 PM, Chris Teoh <chris.teoh@gmail.com>
> wrote:
> >>> > Hi,
> >>> >
> >>> > I'm still a little lost on how to do a GET on ssl sites. The standard
> >>> > ssl
> >>> > context controller configuration is baffling. Is there anyone that
> has
> >>> > done
> >>> > this? I'm trying to consume public internet ssl site.
> >>> >
> >>> > Kind regards
> >>> > Chris
>

Mime
View raw message