lordgamez commented on PR #1420: URL: https://github.com/apache/nifi-minifi-cpp/pull/1420#issuecomment-1280741097
Hi @ihor-sokoliuk-exa, I pushed a new commit 88a3bc2ed9cac02c8d4f0e8caff7ca7b47e01877 that updates the PR to support SSL connection in C2 messages. To enable the SSL connection you need to configure the following: On C2 server side, in the c2.properties file the `minifi.c2.server.secure=true` should be set and the corresponding keystore and truststore should be configured as well. The `authorizations.yaml` file should also be changed to allow the agent's connections through SSL. For this you should define the agent class's DN in the `authorities.yaml` and set the `allow` action for this class in the `authorizations.yaml` for each endpoint. See the added test files for reference. On the MiNiFi side you should add an `SSLContextService` controller in the `config.yml` file where you can set the client certificate paths for the SSL connection. After that the `nifi.c2.rest.ssl.context.service` property should be set to the name of the `SSLContextService` in the `minifi.properties` file for the MiNiFi agent to use that SSL service for the C2 connection. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
