Encrypted Write Ahead FlowFile Repository Properties

All of the properties defined above (see Write Ahead FlowFile Repository) still apply. Only encryption-specific properties are listed here. See Encrypted Write Ahead FlowFile Repository Properties for more information.


Property	Description
`nifi.flowfile.repository.encryption.key.provider.implementation`	This is the fully-qualified class name of the key provider. A key provider is the datastore interface for accessing the encryption key to protect the content claims. There are currently three implementations: `StaticKeyProvider` which reads a key directly from nifi.properties, `FileBasedKeyProvider` which reads keys from an encrypted file, and `KeyStoreKeyProvider` which reads keys from a standard `java.security.KeyStore`.
`nifi.flowfile.repository.encryption.key.provider.location`	The path to the key definition resource (empty for `StaticKeyProvider`, `./keys.nkp` or similar path for `FileBasedKeyProvider`). For future providers like an HSM, this may be a connection string or URL.
`nifi.flowfile.repository.encryption.key.provider.password`	The password used for decrypting the key definition resource, such as the keystore for `KeyStoreKeyProvider`.
`nifi.flowfile.repository.encryption.key.id`	The active key ID to use for encryption (e.g. `Key1`).
`nifi.flowfile.repository.encryption.key`	The key to use for `StaticKeyProvider`. The key format is hex-encoded (`0123456789ABCDEFFEDCBA98765432100123456789ABCDEFFEDCBA9876543210`) but can also be encrypted using the `./encrypt-config.sh` tool in NiFi Toolkit.
`nifi.flowfile.repository.encryption.key.id.`*	Allows for additional keys to be specified for the `StaticKeyProvider`. For example, the line `nifi.flowfile.repository.encryption.key.id.Key2=012…210` would provide an available key `Key2`.