Mark: Thank you for clarifying.
Greg > On Sep 27, 2021, at 1:55 PM, Mark Payne <[email protected]> wrote: > > Greg, > > The short answer is no, at this point, whatever keystore/truststore is > configured in nifi.properties is used for site-to-site communications - both > incoming and outgoing. > > It would be helpful to allow for specifying a different SSL Context per > Remote Process Group, but at this point, it's just not something that's been > implemented. > > Thanks > -Mark > > > On 2021/09/22 14:56:39, "Gregory M. Foreman" <[email protected]> > wrote: >> Hello: >> >> I am trying to configure site-to-site on a Nifi 1.12.1 cluster hosted on >> Kubernetes. >> >> I would like one TLS cert to be used for communication outside the cluster. >> >> Inbound s2s (cluster acting as s2s server) is handled by an nginx ingress >> proxy that presents the cert to clients. No issues there. >> >> For outbound s2s (cluster nodes acting as clients), the gui does not have an >> option to configure an alternate certificate to use. Is there some way to >> provide this? >> >> Thanks, >> Greg
