Greg, The short answer is no, at this point, whatever keystore/truststore is configured in nifi.properties is used for site-to-site communications - both incoming and outgoing.
It would be helpful to allow for specifying a different SSL Context per Remote Process Group, but at this point, it's just not something that's been implemented. Thanks -Mark On 2021/09/22 14:56:39, "Gregory M. Foreman" <[email protected]> wrote: > Hello: > > I am trying to configure site-to-site on a Nifi 1.12.1 cluster hosted on > Kubernetes. > > I would like one TLS cert to be used for communication outside the cluster. > > Inbound s2s (cluster acting as s2s server) is handled by an nginx ingress > proxy that presents the cert to clients. No issues there. > > For outbound s2s (cluster nodes acting as clients), the gui does not have an > option to configure an alternate certificate to use. Is there some way to > provide this? > > Thanks, > Greg
