Standalone Instance, Two-Way SSL

Use this configuration to run NiFi in a standalone instance with a transport layer security protocol (SSL).

In this configuration, you must provide the following:

Certificates and the associated configuration information.

Note

The AUTH environment variable is set to tls.
A DN as provided by an accessing client certificate in the INITIAL_ADMIN_IDENTITY environment variable.

This value will be used to seed the instance with an initial user with administrative privileges.
A volume to provide certificates on the host system to the container instance.

	Note
The `AUTH` environment variable is set to `tls`.

                     docker run --name nifi \
  -v /User/dreynolds/certs/localhost:/opt/certs \
  -p 18443:8443 \
  -e AUTH=tls \
  -e KEYSTORE_PATH=/opt/certs/keystore.jks \
  -e KEYSTORE_TYPE=JKS \
  -e KEYSTORE_PASSWORD=QKZv1hSWAFQYZ+WU1jjF5ank+l4igeOfQRp+OSbkkrs \
  -e TRUSTSTORE_PATH=/opt/certs/truststore.jks \
  -e TRUSTSTORE_PASSWORD=rHkWR1gDNW3R9hgbeRsT3OM3Ue0zwGtQqcFKJD2EXWE \
  -e TRUSTSTORE_TYPE=JKS \
  -e INITIAL_ADMIN_IDENTITY='CN=Random User, O=Apache, OU=NiFi, C=US' \
  -d \
  apache/nifi:latest