Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Currently, there is no way to encrypt sensitive properties in bootstrap.conf and in the generated minifi.properties file.
The goal of this story is to make it possible to encrypt sensitive property values in the bootstrap configuration file, and the generated minifi.properties file also should contain only encrypted values.
- The supported encryption provider should be AES/GCM.
- The encryption key can be defined in the minifi.bootstrap.sensitive.key property
- We should provide a tool(minifi-toolkit-encrypt-config) to encrypt the bootstrap.conf properties, we can use the nifi-toolkit-encrypt-config as an inspiration
Make sure that the solution works with change ingestors and c2 protocol as well
Attachments
Issue Links
- links to