NiFi Registry TLS/SSL Properties
To enable and configure TLS manually for NiFi Registry, edit the security properties according to the cluster configuration.
The following table lists the TLS/SSL Security properties for NiFi Registry:
| Property | Description |
|---|---|
| NiFi Registry TLS/SSL Server JKS Keystore File
Location
|
The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when NiFi Registry is acting as a TLS/SSL server. The keystore must be in JKS format. |
| NiFi Registry TLS/SSL Server JKS Keystore File
Password
|
The password for the NiFi Registry JKS keystore file. |
| NiFi Registry TLS/SSL Server JKS Keystore Key
Password
|
The password that protects the private key contained in the JKS keystore used when NiFi Registry is acting as a TLS/SSL server. |
| NiFi Registry TLS/SSL Client Trust Store
File
|
The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that NiFi Registry might connect to. This is used when NiFi Registry is the client in a TLS/SSL connection. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead. |
| NiFi Registry TLS/SSL Client Trust Store
Password
|
The password for the NiFi Registry TLS/SSL Certificate Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information. |
