I am attempting to setup secure site-to-site using NiFi 1.1.1. I have secured NiFi, and am able to access the UI securely via HTTPS. I have set the following security-related properties:
nifi.sensitive.props.key=<key-value> nifi.sensitive.props.key.protected= nifi.sensitive.props.algorithm=PBEWITHMD5AND256BITAES-CBC-OPENSSL nifi.sensitive.props.provider=BC nifi.sensitive.props.aditional.keys= nifi.security.keystore=<keystore-file> nifi.security.keystoreType=JKS nifi.security.keystorePasswd=<password> nifi.security.keyPasswd=<password> nifi.security.truststore=<truststore-file> nifi.security.truststoreType=JKS nifi.security.trsustorePasswd=<password> nifi.security.needClientAuth=true nifi.security.user.authorizer=file-provider nifi.security.user.login.identity.provider= I also set the site-to-site properties: nifi.remote.input.host=<host-fqdn> nifi.remote.input.secure=true nifi.remote.input.socket.port=<port, different from https UI port> nifi.remote.input.http.enabled=true nifi.remote.input.http.tansaction.ttl=30 sec The authorizers.xml has been setup to import the legacy authorized-users.xml. And, this correctly populated the users.xml to include the remote server for the site-to-site. It also added users to the authorizations.xml file to include the user (i.e.server ) with site-to-site resource (both R and W). Despite this setup, the Input Port on the UI does not show an Access Control tab as in NiFi 0.x. I am not sure how to authorize the remote server such that the Input Port will be displayed in the remote server's Remote Process Group's list of ports. Have I missed a step in the security and/or user authentication setup? Thanks, Mark
