Please keep in mind I am in no way savvy in "this stuff" at all, so please bare with me. Issue: I am still receiving "Your connection is not private" / "NET::ERR_CERT_AUTHORITY_INVALID" when accessing the NiFi web UI that I have installed on a Linux server even though I set it up with a certificate provided by my company (I believe did something wrong here). Goal: Anyone who tries to access the web UI will be met with the NiFi Login screen (this part is already setup with LDAP) without having to import a certificate instead of the warning/secure ("Your connection is not private") page. I think it's important to know that I have it working fine with self-signed certificate and importing the certificate into my browser. Summary (Please read this knowing that my understanding of the subject is very minimal): 1. I generated a CSR and keystore.jks (from what I understand contains the private key) with the following command: keytool -genkey -alias server -keyalg RSA -keysize 2048 -keystore keystore.jks -dname "CN={{domain data here}}" && keytool -certreq -alias server -file nifi.csr -keystore keystore.jks && echo Your certificate signing request is in nifi.csr.  Your keystore file is keystore.jks.  Thanks for using the DigiCert keytool CSR helper. 2. Forwarded the generated CSR to our company CA and they sent back 4 following files: nifi.cer nifi.p7b root-CA.cer issuing-CA.cer 3. Generated a truststore.jks (with a temp alias and removed it) and imported the nifi.cer into it keytool -import -alias server -file "nifi.cer" -keystore -truststore.jks 4. Placed the truststore and keystore files into the conf directory of NiFi on the server and updated the # security properties # in nifi.properties to reflect the keystore and truststore files. Please let me know if I did something wrong or I misunderstood something. ... View more