nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy LoPresto <>
Subject Re: NiFi 1.1.1 proxy authorization error
Date Wed, 25 Jan 2017 19:02:41 GMT
Yes, you can manually construct the keystore and truststore files if you know how. The toolkit
is provided as a convenience for users who do not have the experience or a dedicated security
team to generate those files.

Andy LoPresto
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On Jan 25, 2017, at 6:42 AM, bmichaud <> wrote:
> The way I was setting up initial security was with the legacy
> authorized-users.xml file. additionally, my certificate keystore.jks has
> been and must be generated  by a company internal tool. I have done so, and
> generated a truststore file using the java keytool, adding trusted entries
> for various public keys we use for our company. This has worked fine in
> 1.0.0 and prior versions.
> The instructions from Brian Bende suggests that I use the tls toolkit to
> generate keystore and truststore, but I just need to append the common
> server and the three servers in my cluster. I know that all of these
> servers's certificates are included in my keystore file already, so I
> believe that I just need to add truststore entries.
> Is the best way to do that to use a plain text PEM file and edit it with a
> test editor?
> --
> View this message in context:
> Sent from the Apache NiFi Developer List mailing list archive at

View raw message