The CET should encrypt sensitive properties for the NiFi Registry.
The necessary improvements include:
- the tool should respect the input filename and not generate a hard-coded nifi.properties file as output; if the input file is nifi-registry.properties and no output filename is provided as an argument, the output file should be nifi-registry.properties as well
- Keys starting with nifi.registry.* should be detected (currently, the list of sensitive properties is hard-coded, so nifi.registry.security.keystorePasswd doesn't get encrypted, for example)
- nifi.registry.sensitive.props.additional.keys should be detected
- nifi.sensitive.props.additional.keys must be manually renamed
- The encrypted output shows 3 protected when only 2 properties are. This is because nifi.sensitive.props.key was generated but did not persist (because it didn't already exist in nifi-registry.properties)
- nifi.registry.db.password should be detected