Implement Self-Signed Certificate Generation for HTTPS Configuration

Enabling HTTPS through default configuration properties requires the presence of keystore and truststore files.  For default standalone installations, this requires generating a self-signed certificate and private key for storage in a keystore.  The certificate should be stored in a truststore and both files should be placed in a standard location within the NiFi home directory.

The following requirements should be considered as part of the implementation:

• Keystore and Truststore format should be PKCS12
• Keystore and Truststore passwords should use secure random generation
• The self-signed certificate must contain at least one DNS Subject Alternative Name

The following implementation questions should be addressed as part of the implementation:

• Should the certificate subject always use localhost or should other host addresses be evaluated and added as subject alternative names?
• What is the default expiration for the generated certificate?  Something short should be considered to encourage provisioning a certificate through other means