in this effort and any
changes you suggest.
The short answer to your request is to import the public certificate of the
certificate authority (CA) which is used to sign the individual users’ client
certificates into the truststore, which is then provided to NiFi. As the CA
public cert does
Joseph
I'd make sure to read about the keystore/truststore model and high level
bits of PKI. A site like [1] can help with that but the first key is
understanding the client cert, server cert, CA, and general trust model.
With that basis in mind setting up NiFi for mutual auth with certificates
Joseph
You are absolutely right that it would be terrible to have to edit the
truststore on the nifi server(s) each time you wanted to add a client
cert. You're also right that there is a way to never do this. I'll poke
around for some links to help send you in the right direction.
Thanks
On
Hello,
I apologize if this is a simple/stupid question, but reading through the
administration guide and copious amounts of googling have returned very little
regarding this.
I'm looking into utilizing only client certificates for authentication to our
Apache NiFi server. I want to avoid