Adding Snowflake CA certificates to NiFi truststore

You must ensure that NiFi can communicate securely with Snowflake. To do this, configure NiFi to trust the Snowflake Certificate Authority (CA) by merging the default Snowflake JDK truststore content into the NiFi truststore.

The Snowflake endpoints have certificates signed by a Certificate Authority (CA). You must configure NiFi so that the Snowflake CAs are trusted by NiFi. The recommended approach is to follow the steps documented in How to Add Root and Intermediate CAs to Truststore for TLS/SSL. See the link in the Related information below.

Another approach is to merge the content of the default truststore of the JDK into the NiFi truststore. This approach is described here.

You have reviewed and met the prerequisites

  1. Merge the content of the JDK truststore (represented by the file cacerts), you can use the below command:
    
    keytool 
    -importkeystore 
    -srckeystore [***path to cacerts***] 
    -destkeystore [***path to NiFi truststore***]
  2. When prompted, enter the password of the JDK truststore. The default is changeit.
  3. Enter the NiFi truststore password.

If you have changed the truststore, you must restart NiFi before the changes are taken into account.

After you have finished adding Snowflake certificates to the NiFi truststores, you may move on to the following steps.
  • Build the dataflow.
  • Create the Controller Services for your dataflow.
  • Configure your source Processor.
  • Configure your target Processor.
  • Confirm your dataflow is successful.