Standalone Instance, Two-Way SSL
Use this configuration to run NiFi in a standalone instance with a transport layer security protocol (SSL).
In this configuration, you must provide the following:
Certificates and the associated configuration information.
![[Note]](../common/images/admon/note.png)
Note The
AUTHenvironment variable is set totls.A DN as provided by an accessing client certificate in the
INITIAL_ADMIN_IDENTITYenvironment variable.This value will be used to seed the instance with an initial user with administrative privileges.
A volume to provide certificates on the host system to the container instance.
docker run --name nifi \ -v /User/dreynolds/certs/localhost:/opt/certs \ -p 18443:8443 \ -e AUTH=tls \ -e KEYSTORE_PATH=/opt/certs/keystore.jks \ -e KEYSTORE_TYPE=JKS \ -e KEYSTORE_PASSWORD=QKZv1hSWAFQYZ+WU1jjF5ank+l4igeOfQRp+OSbkkrs \ -e TRUSTSTORE_PATH=/opt/certs/truststore.jks \ -e TRUSTSTORE_PASSWORD=rHkWR1gDNW3R9hgbeRsT3OM3Ue0zwGtQqcFKJD2EXWE \ -e TRUSTSTORE_TYPE=JKS \ -e INITIAL_ADMIN_IDENTITY='CN=Random User, O=Apache, OU=NiFi, C=US' \ -d \ apache/nifi:latest