Connecting an external application to a test session

Once a test session with inbound connection is running, you can go on and connect an external application to start sending data.

A test session with inbound connection configured is running.
A network connection through which the client can reach the NiFi endpoint is available.
You have been assigned at least the DFFlowDeveloper role for the environment to which you want to configure the inbound connection.

Select the draft where you want to send data and go to Flow Options > Inbound Connection Details.
Make a note of the ENDPOINT HOSTNAME and LISTENING PORTS.
Click Download Client Certificate.

The X.509 client certificate downloads to your computer in PEM format.
Click Download Private Key to obtain the RSA Private Key.

The unencrypted RSA Private Key encoded with PKCS8 downloads to your computer in PEM format.
Depending on your client, you may have to convert the certificate and the private key to a different format.
For example, to convert PEM to PKCS12 format, use the following command:
```
openssl pkcs12 -export -in [***DOWNLOADED PEM CERT FILE***] -inkey [***DOWNLOADED PEM PRIVATE KEY***] -out certificate.p12
```
To further convert the PKCS12 file to JKS format for a Java client, run the following command:
```
keytool -importkeystore -srckeystore [***CERTIFICATE NAME***].p12 -srcstoretype pkcs12 -destkeystore [***DESTINATION KEYSTORE***].jks
```
Add the certificate file and the private key files to the keystore of your application.
Configure your application to stream data to the Endpoint Hostname, port, and protocol of the NiFi instance behind the Test Session.