0

Some background... I'm trying to run a nifi registry on ECS. I'm using the apache/nifi-registry:latest container image.

I'm unable to set this up via TLS (without baking my cert details into my dockerfile which is a security nightmare). Is there another way to still be able to use the registry with users/etc and NOT need to be running on HTTPS ports?

I'd prefer to run this container on port 18080 still, but it appears when doing so I'm unable to login/really do anything with nifi reg?

Exziled
  • 473
  • 5
  • 20
  • To perform any type of authentication it must be done over https, otherwise it would be very insecure to send credentials over an http connection – Bryan Bende Apr 15 '20 at 15:38
  • The latest docker image should support property replacement for the TLS settings, so they shouldn't have to be baked into anything - https://github.com/apache/nifi-registry/blob/master/nifi-registry-docker-maven/dockermaven/sh/secure.sh – Bryan Bende Apr 15 '20 at 15:40
  • @BryanBende can you explain to me a bit how this works? Just providing the container with env variables for the keystore/etc? – Exziled Apr 17 '20 at 12:52

0 Answers0