Hi Erik, I was able to use v1.7.0 and v1.8.0 NiFi versions of InvokeHTTP to access wildcard CNs. I was not able to reproduce your error. The test configuration I used was a wildcard CN of CN=*.natohorton.com self signed certificate in a JKS, with a simple hosted 'Hello World' HTTPS page using Flask. I then pointed the StandardSSLContextService in NiFi to this JKS as the truststore and pointed InvokeHTTP to https://test.natohorton.com:5000. The InvokeHTTP was able to retrieve the page. Are you able to provide more details about your error for me to replicate? As far as using the OS to handle more operations, my impression would be that the design is such that it can be cross-platform, portable and avoid compatibility issues with underlying operating system changes. It should also be higher performance by directly using Java interfaces rather than frequently making calls to external processes. NiFi was intended to handle large data volumes in a performant manner, extensible, cross-compatible with multiple operating systems whilst also providing a simple user interface for users with a wide spread of technical skills. That combination of requirements likely restricted the design from making more use of existing operating system utilities like curl. Someone else might be able to comment more about those design decisions. Thanks, Nathan ... View more