https://community.cloudera.com/t5/Support-Questions/NiFi-Error-Despite-Successful-SSL-Handshake-using-openssl-s/m-p/289364#M214200 <P><a href="https://community.cloudera.com/t5/user/viewprofilepage/user-id/35454">@MattWho</a>&nbsp;</P><P>Hi Matt,</P><P>&nbsp;</P><P>For your third point :&nbsp;<STRONG>3. PrivateKeyEntry supports clientAuth and serverAuth Extended Key Usage (EKU) -&gt; </STRONG>do you mean needs both ?</P><P>Can you give a situation where we need both attributes ?</P><P>I have a nifi cluster with 3 servers for each and in each cert I only have one EKU (serverAuth) but my 3 servers can still communicate between them. Even nifi and nifi-registry can communicate too with only one attribute in EKU field.&nbsp;</P> Fri, 07 Feb 2020 16:32:09 GMT JC_ROS 2020-02-07T16:32:09Z