Hi Everyone
I am attempting to setup a Nifi Cluster using docker compose. However I
have noticed the following settings in the docker-compose.yml is not
being honered.
Below the extract from the docker-compose file:
# security properties #
NIFI_SENSITIVE_PROPS_KEY: xxxxxxxxxxxxxx
KEYSTORE_PATH: /opt/nifi/nifi-current/keystore/keystore.jks
KEYSTORE_TYPE: jks
KEYSTORE_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
TRUSTSTORE_PATH: /opt/nifi/nifi-current/keystore/keystore.jks
TRUSTSTORE_TYPE: jks
TRUSTSTORE_PASSWORD: xxxxxxxxxxxxxxxxxxxxxxxxxxxx
volumes:
- /opt/nifi/node102/truststore:/opt/nifi/nifi-current/truststore
- /opt/nifi/node102/keystore:/opt/nifi/nifi-current/keystore
Below exctract from the nifi.properties file from one of the docker
nodes in the three node cluster:
nifi.sensitive.props.key=PSd3KqQZYMcigEM2B37nD8gY
nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
nifi.sensitive.props.additional.keys=
nifi.security.autoreload.enabled=false
nifi.security.autoreload.interval=10 secs
nifi.security.keystore=./conf/keystore.p12
nifi.security.keystoreType=PKCS12
nifi.security.keystorePasswd=5a8e4de35cfdcf92cc2f0fa34d5cde17
nifi.security.keyPasswd=5a8e4de35cfdcf92cc2f0fa34d5cde17
nifi.security.truststore=./conf/truststore.p12
nifi.security.truststoreType=PKCS12
nifi.security.truststorePasswd=db3b70b60e8df344941b1f31719fb919
nifi.security.user.authorizer=single-user-authorizer
nifi.security.allow.anonymous.authentication=false
nifi.security.user.login.identity.provider=single-user-provider
nifi.security.user.jws.key.rotation.period=PT1H
nifi.security.ocsp.responder.url=
nifi.security.ocsp.responder.certificate=
As we see the truststore and keystore values passed in the docker-
compose file was ignored.
Regards
Stefan
