PEMEncodedSSLContextProvider

Description

SSLContext Provider configurable using PEM Private Key and Certificate files. Supports PKCS1 and PKCS8 encoding for Private Keys as well as X.509 encoding for Certificates.

Tags

Certificate, ECDSA, Ed25519, Key, PEM, PKCS1, PKCS8, RSA, SSL, TLS, X.509

Properties

In the list below required Properties are shown with an asterisk (*). Other properties are considered optional. The table also indicates any default values, and whether a property supports the NiFi Expression Language.

Display NameAPI NameDefault ValueAllowable ValuesDescription
Certificate Authorities *Certificate AuthoritiesPEM X.509 Certificate Authorities trusted for verifying peers in TLS communications containing one or more standard certificates
Certificate Authorities Source *Certificate Authorities SourcePROPERTIES
  • Properties
  • System
Source of information for loading trusted Certificate Authorities
Certificate Chain *Certificate ChainPEM X.509 Certificate Chain associated with Private Key starting with standard BEGIN CERTIFICATE header
Certificate Chain Location *Certificate Chain LocationPEM X.509 Certificate Chain file location associated with Private Key starting with standard BEGIN CERTIFICATE header
Private Key *Private KeyPEM Private Key encoded using either PKCS1 or PKCS8. Supported algorithms include ECDSA, Ed25519, and RSA
Private Key Location *Private Key LocationPEM Private Key file location encoded using either PKCS1 or PKCS8. Supported algorithms include ECDSA, Ed25519, and RSA
Private Key Source *Private Key SourcePROPERTIES
  • Undefined
  • Properties
  • Files
Source of information for loading Private Key and Certificate Chain
TLS Protocol *TLS ProtocolTLS
  • TLS
  • TLSv1.3
  • TLSv1.2
TLS protocol version required for negotiating encrypted communications.

State management

This component does not store state.

Restricted

This component is not restricted.

System Resource Considerations

This component does not specify system resource considerations.