Nugget Post: Running NiFi behind an SSL reverse proxy

Scenario User --- (HTTPS) ---> NGINX Reverse Proxy --- (HTTP) ---> NiFi Typical NGINX Reverse Proxy config: location /nifi { proxy_set_header Host $http_host; add_header "Access-Control-Allow-Credentials" "true"; proxy_pass http://127.0.0.1:9900; } Note: the proxy_set_header Host is necessary otherwise NiFi will return "localhost" or "127.0.0.1" in it's links and you'll end up with a bunch of HTTP 404 … Continue reading Nugget Post: Running NiFi behind an SSL reverse proxy

Encrypting traffic in transit to Apache NiFi

In this article we'll explain how to encrypt traffic going to an HTTP handler in NiFi, which is then forwarded to a backend HTTP server - in other words, an SSL offloading reverse proxy. Encrypting traffic in transit to NiFi involves the following steps: Creating a keystore containing a CA certificateCreating a truststore, which contains … Continue reading Encrypting traffic in transit to Apache NiFi