Standard implementation of the SSLContextService. Provides the ability to configure keystore and/or truststore properties once and reuse that configuration throughout the application. This service can be used to communicate with both legacy and modern systems. If you only need to communicate with non-legacy systems, then the StandardRestrictedSSLContextService is recommended as it only allows a specific set of SSL protocols to be chosen.
ssl, secure, certificate, keystore, truststore, jks, p12, pkcs12, pkcs, tls
In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values, and whether a property is considered "sensitive", meaning that its value will be encrypted. Before entering a value in a sensitive property, ensure that the nifi.properties file has an entry for the property nifi.sensitive.props.key.
| Name | Default Value | Allowable Values | Description |
|---|---|---|---|
| Keystore Filename | The fully-qualified filename of the Keystore | ||
| Keystore Password | The password for the Keystore Sensitive Property: true | ||
| Key Password | The password for the key. If this is not specified, but the Keystore Filename, Password, and Type are specified, then the Keystore Password will be assumed to be the same as the Key Password. Sensitive Property: true | ||
| Keystore Type |
| The Type of the Keystore | |
| Truststore Filename | The fully-qualified filename of the Truststore | ||
| Truststore Password | The password for the Truststore Sensitive Property: true | ||
| Truststore Type |
| The Type of the Truststore. Either JKS or PKCS12 | |
| TLS Protocol | TLS |
| The algorithm to use for this TLS/SSL context |