Github user pepov commented on a diff in the pull request:
https://github.com/apache/nifi/pull/2866#discussion_r206875134
--- Diff: nifi-docker/dockerhub/README.md ---
@@ -124,6 +124,33 @@ volume to provide certificates on the host system to
the container instance.
-e LDAP_TLS_TRUSTSTORE_PASSWORD: ''
-e LDAP_TLS_TRUSTSTORE_TYPE: ''
+### Standalone Instance, kerberos
+In this configuration, the user will need to provide certificates and the
associated configuration information. Optionally,
+if the kerberos provider of interest is operating in kerberos modes,
certificates will additionally be needed.
+Of particular note, is the `AUTH` environment variable which is set to
`kerberos`. Additionally, the user must provide a
+username as provided by the configured kerberos server in the
`INITIAL_ADMIN_IDENTITY` environment variable. This value will be
--- End diff --
This is optional. The user can provide a Kerberos username when decides not
to authenticate using the client certificate. When a client certificate is
provided with the connection request there will be no Kerberos authentication
performed at all.
---
