Cloudera Docs

NiFi Registry TLS Properties

To enable and configure TLS manually for NiFi Registry, edit the security properties according to the cluster configuration.

The following table lists the Security properties for NiFi Registry:

Property Description
NiFi Registry TLS/SSL Server JKS Keystore File Location

nifi.registry.security.keystore

 The path to the TLS/SSL keystore file containing the server certificate and private key used for TLS/SSL. Used when NiFi Registry is acting as a TLS/SSL server. The keystore must be in JKS format.
NiFi Registry TLS/SSL Server JKS Keystore File Password

nifi.registry.security.keystorePasswd

 The password for the NiFi Registry JKS keystore file.
NiFi Registry TLS/SSL Server JKS Keystore Key Password

nifi.registry.security.keyPasswd

 The password that protects the private key contained in the JKS keystore used when NiFi Registry is acting as a TLS/SSL server.
NiFi Registry TLS/SSL Client Trust Store File

nifi.registry.security.truststore

 The location on disk of the trust store, in .jks format, used to confirm the authenticity of TLS/SSL servers that NiFi Registry might connect to. This is used when NiFi Registry is the client in a TLS/SSL connection. This trust store must contain the certificate(s) used to sign the service(s) connected to. If this parameter is not provided, the default list of well-known certificate authorities is used instead.
NiFi Registry TLS/SSL Client Trust Store Password

nifi.registry.security.truststorePasswd

 The password for the NiFi Registry TLS/SSL Certificate Trust Store File. This password is not required to access the trust store; this field can be left blank. This password provides optional integrity checking of the file. The contents of trust stores are certificates, and certificates are public information.
xasecure.policymgr.clientssl.keystore Path to keystore to use in policy manager.
xasecure.policymgr.clientssl.keystore.credential.file Path to keystore credential file to use in policy manager.
xasecure.policymgr.clientssl.truststore Path to truststore to use in policy manager.
xasecure.policymgr.clientssl.truststore.credential.file Path to truststore credential file to use in policy manager.