Anup, I replied earlier today to your email on the users mailing list but it doesn't seem to have gone through correctly. I am including that response below...
That section is still incomplete unfortunately. We are definitely pushing the documentation at the moment. Personally, I am working through getting our REST endpoints documented. I know another committer has been working on the contribution guide as well some introduction to NiFi quick start guides. I can provide some quick points here in the meantime. In the section for web properties you'll want to configure the 'https' properties instead of the 'http' properties. nifi.web.http.host= nifi.web.http.port= nifi.web.https.host= nifi.web.https.port= The further down you'll need to configure the security properties. nifi.security.keystore= nifi.security.keystoreType= nifi.security.keystorePasswd= nifi.security.keyPasswd= nifi.security.truststore= nifi.security.truststoreType= nifi.security.truststorePasswd= nifi.security.needClientAuth= These will define the certificates that are used by the web server (and cluster and site to site communications). You will need to configure all the keystore properties and truststore properties (if keyPasswd is not configured the keystorePasswd will be tried as the keyPasswd). If you set needClientAuth to false, clients will be required to trust the keystore configured here. User access will still be anonymous however. If you set needClientAuth to true, clients will need to have certificates loaded in their browser that are trusted by the truststore configured here. User access will be considered using the DN from their certificate and the authorization provider. NiFi supports pluggable authorization which is only necessary if needClientAuth is set to true. By default its configured with a file based solution. nifi.security.user.authority.provider=file-provider Details on setting up this file and controlling the level of access have started being discussed here [1]. Hope this helps while we get more detailed documentation written up. Thanks. Matt [1] https://nifi.incubator.apache.org/docs/nifi-docs/administration-guide.html#controlling-levels-of-access On Wed, Apr 29, 2015 at 8:18 AM, anup s <[email protected]> wrote: > Hi Mark, > The Secure Configuration section isn't updated yet. Could you point me > to some other location. > > Regards, > anup > > > > -- > View this message in context: > http://apache-nifi-incubating-developer-list.39713.n7.nabble.com/configuring-site-to-site-tp1253p1280.html > Sent from the Apache NiFi (incubating) Developer List mailing list archive > at Nabble.com. >
