Configuring the SSLContext Controller Service:

The SSLContext controller service is a mechanism for providing all the security properties that allow for secure communications between NiFi extensions and other systems. NiFi extensions include processors, reporting tasks, and other controller services.

The controller-services.xml file is located in the NiFi conf directory. The user may set up any number of controller services within this file.

Below is an example of the template for a SSLContext controller service. Note that the identifier in this example is ssl-context. If using this template to create your own SSLContext controller service, replace the property values with values that are suitable for your system. Possible options for Keystore Type and Truststore Type are JKS or PKCS12.

<?xml version="1.0" encoding="UTF-8" ?>
<services>
    <service>
        <identifier>ssl-context</identifier>
        <class>org.apache.nifi.ssl.StandardSSLContextService</class>
        <property name="Keystore Filename">C:/testpki/localtest-ks.jks</property>
        <property name="Keystore Password">localtest</property>
        <property name="Keystore Type">JKS</property>
        <property name="Truststore Filename">C:/testpki/localtest-ts.jks</property>
        <property name="Truststore Password">localtest</property>
        <property name="Truststore Type">JKS</property>
    </service>
</services>