Github user alopresto commented on the issue:
https://github.com/apache/nifi/pull/2927
@pepov I was able to reproduce this. I can resolve the error you get by
converting the TinyCert private key from PKCS #8 PEM format to PKCS #1 PEM
format (converting from a wrapper containing the DER structure to the raw RSA
key). Once this is done, there is still an error because of `Error creating
generating tls configuration. (certificate does not verify with supplied key)`
which is basically saying that the `nifi-cert.pem` isn't signed by itself,
which is to be expected. I opened
[NIFI-5476](https://issues.apache.org/jira/browse/NIFI-5476) to implement this.
---
