Installing and Upgrading NiFi
Also available as:
PDF

Standalone Instance, Two-Way SSL

Use this configuration to run NiFi in a standalone instance with a transport layer security protocol (SSL).

In this configuration, you must provide the following:

  • Certificates and the associated configuration information.

    [Note]Note

    The AUTH environment variable is set to tls.

  • A DN as provided by an accessing client certificate in the INITIAL_ADMIN_IDENTITY environment variable.

    This value will be used to seed the instance with an initial user with administrative privileges.

  • A volume to provide certificates on the host system to the container instance.

docker run --name nifi \
  -v /User/dreynolds/certs/localhost:/opt/certs \
  -p 18443:8443 \
  -e AUTH=tls \
  -e KEYSTORE_PATH=/opt/certs/keystore.jks \
  -e KEYSTORE_TYPE=JKS \
  -e KEYSTORE_PASSWORD=QKZv1hSWAFQYZ+WU1jjF5ank+l4igeOfQRp+OSbkkrs \
  -e TRUSTSTORE_PATH=/opt/certs/truststore.jks \
  -e TRUSTSTORE_PASSWORD=rHkWR1gDNW3R9hgbeRsT3OM3Ue0zwGtQqcFKJD2EXWE \
  -e TRUSTSTORE_TYPE=JKS \
  -e INITIAL_ADMIN_IDENTITY='CN=Random User, O=Apache, OU=NiFi, C=US' \
  -d \
  apache/nifi:latest