Support Questions
Find answers, ask questions, and share your expertise

[NIFI] Secure NIFI with load balancer with VIP


Hi all,

My nifi cluster is secure and i can access to UI with ldap auth.

For each node of cluster i'm create the certificate with this command:

/var/opt/hosting/nifi-toolkit/bin/ standalone -n ${HOST} -f conf/ -o /root --trustStorePassword tpasswd --keyStorePassword kpasswd

My configuration :

- cluster with 3 nodes

- 1 VIP pointing to 3 nodes.

- an apache proxy

My 3 nodes in behind the proxy.

I want use https://vip.domain:9443/nifi

So do you know how create the certficate with SAN and how configure nifi to enable access to UI or listenHTTP in balance mode ?

Perpahs, it is possible to create certifcate with CN=vip.domain and SAN with the 3 nodes ?


The --subjectAlternativeNames flag can be used to pass SAN values to the certificate generation process.

--subjectAlternativeNames <arg> Comma-separated list of domains to use as Subject Alternative Names in the certificate


@andy I Know how use the tls-toolkit. But my question is what the value to set to enable load balancer with the VIP