Usually, you would write you custom processor to support the StandardSSLSocketService:
https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi/nifi-ssl-context-service-nar/1.16.3/org.apache.nifi.ssl.StandardSSLContextService/index.html From: Russell Bateman <r...@windofkeltia.com> <r...@windofkeltia.com> Reply: dev@nifi.apache.org <dev@nifi.apache.org> <dev@nifi.apache.org> Date: July 5, 2022 at 18:30:46 To: NiFi Developers List <dev@nifi.apache.org> <dev@nifi.apache.org> Subject: How to manage security artifacts from a custom processor >From a custom processor, I intend to interface with a third-party br/>servicee (via simple HTTP client), however, I would need as I understand br//>it to a) maintain a private key by which I can identify myself to that third-party service and b) maintain a trusted-store certificate by which I can guarantee the identity of the service. This is pretty far outside my own experience. I have been reading on how br/>this is achieved in Java, but in my mind a complication aarises from the br/>fact that a custom NiFFi processor lives within NiFi's JVM. My question br/>is therefore, how can I control the ceertificates and authorities for my br/>use in or associated with NiFFi's JVM. Clearly, I don't grok this well br/>enough even to ask the qquestion; I'm hoping someone can see through what br/>I'm asking and point me in a good direction to study. I've written a pile of successful and useful custom NiFi processors to br/>cover proprietary needs, so custom-processor writing isn''t a mystery. br/>Certificates, keys, trusts and security in general still is. Profuse thanks, Russ
