How to enable SSL Vault in Nifi #326
Description
Hi Guys, need some help or suggestion.
Helmchart 1.1.3
Nifi Image version: 1.19.1
Standalone Nifi Server: Replica 1
Currently i am trying to figure out which part of the scripts or helmchart that generate the truststore and keystore and replace in nifi.properties
Default from helmchart nifi.properties
nifi.security.keystore=./conf/keystore.p12
nifi.security.keystoreType=PKCS12
nifi.security.keystorePasswd=
nifi.security.keyPasswd=
nifi.security.truststore=./conf/truststore.p12
nifi.security.truststoreType=PKCS12
nifi.security.truststorePasswd=
nifi.security.user.login.identity.provider=single-user-provider
nifi.security.user.authorizer=single-user-authorizer
After the deployment checked in container /conf/nifi.properties
Objective is to update in bootstrap-hashicorp-vault.conf and get update the keystore password and truststore password same as nifi.properties for enabled the TLS to connect to my HTTPS vault server instead of HTTP.
# Optional TLS properties
vault.ssl.enabledCipherSuites=
vault.ssl.enabledProtocols=TLSv1.3
vault.ssl.key-store=./conf/keystore.p12
vault.ssl.key-store-type=PKCS12
vault.ssl.key-store-password=
vault.ssl.trust-store=./conf/truststore.p12
vault.ssl.trust-store-type=PKCS12
vault.ssl.trust-store-password=
Not recommended to use StandardSSLContextService for manual input keystore pwd & truststore pwd due to sometimes the Nifi server restart it will regenerate a new keystore pwd and truststore pwd.