Enable TLS for NiFi Registry
- Ensure that the NiFi Toolkit CA Service radio button is selected.
- In the Enable TLS/SSL for NiFi Registry field, check the NiFi Registry Default Group box.
- In the Initial Admin Identity field, specify the information you will use to identify the initial admin user. For example, client certificate distinguished name (dn), Kerberos user, or LDAP user.
- In the NiFi Registry CA Force Regenerate field, check the NiFi Node Default Group box.
Review and update the location of the keystores and truststores, as
If you are using Client Certificates for authentication and user authorization, restart the service and log in with the Initial Admin Certificate. If you need to create a client certificate see Get Client Certificates for Authentication.
- If you are integrating with Kerberos or LDAP, continue with further configuration defined below.