Minifi MiNiFi comes with a tool which can encrypt sensitive properties in the minifi.properties file.  It is called encrypt-config (encrypt-config.exe on Windows), and it is in the bin directory of the installation, next to the main minifi binary.

...

If you have a minifi.properties file in your Minifi your MiNiFi configuration directory /var/tmp/minifi-home/conf containing the following sensitive properties:

...

You should protect the bootstrap.conf file to make sure it is only readable by the user which will run MinifiMiNiFi.

Additional sensitive properties

By default, encrypt-config will encrypt a (short) list of default sensitive properties; if .  If you want more properties to be encrypted, you can add a nifi.sensitive.props.additional.keys setting with a comma-separated list of additional sensitive properties to your minifi.properties file like this:

...

Remember to protect the new bootstrap.conf file so it is only readable by the user which will run MinifiMiNiFi.