Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Authentication error while securing Nifi

Labels:
avatar
author-rank narasimha_varma
Rising Star

Created on ‎12-17-2016 04:58 AM - edited ‎08-18-2019 05:07 AM

10410-ambari-sandbox-3.jpg

I am using hortonworks sandbox 2.4, While securing Nifi step_by_step, I used TinyCert to generate my own certificate authority and certificates and I download the client and server certificates in PKCS12 format. After that I created some changes in Nifi config --> nifi.properities as shown in the picture. Finally, I open the file authorized-users. xml, in the Nifi-conf directory and create an admin user based on the DN of the client certificate.

<users>

<user dn="CN=guest, OU=demo, O=Hortonworks, L=trichy, ST=tamilnadu, C=india">

<role name="ROLE_ADMIN"/>

</user>

</users>

I follow this link https://community.hortonworks.com/articles/886/securing-nifi-step-by-step.html.

While I run Nifi under localhost:9090 I got error as shown in the picture

10411-localhost.jpg

2,872 Views
1 ACCEPTED SOLUTION

avatar
author-rank jgeorge
Guru

Created ‎12-17-2016 06:05 PM

Hi Narasimma,

Few pointers,

--> If the configurations are done correctly and you have loaded your client certificate to your browser, you will only be able to view the NiFi UI via https://localhost:port not http://localhost:port like in your screenshot.

--> It looks like you are following the steps to get around it in an older version of HDF. Latest release, HDF-2.x gives us better ways to get SSL enabled with help of NiFi CA and tls-toolkit. please follow the below link for the same.(unfortunately you may not be able to do this in your sandbox where HDP is already installed)

https://community.hortonworks.com/articles/58009/hdf-20-enable-ssl-for-apache-nifi-from-ambari.html

--> In the Latest version we wont be using authorized-users.xml to configure user roles but instead an Initial Admin identity.

Thanks,

Jobin George

View solution in original post

2,783 Views
2 REPLIES 2

avatar
author-rank jgeorge
Guru

Created ‎12-17-2016 06:05 PM

Hi Narasimma,

Few pointers,

--> If the configurations are done correctly and you have loaded your client certificate to your browser, you will only be able to view the NiFi UI via https://localhost:port not http://localhost:port like in your screenshot.

--> It looks like you are following the steps to get around it in an older version of HDF. Latest release, HDF-2.x gives us better ways to get SSL enabled with help of NiFi CA and tls-toolkit. please follow the below link for the same.(unfortunately you may not be able to do this in your sandbox where HDP is already installed)

https://community.hortonworks.com/articles/58009/hdf-20-enable-ssl-for-apache-nifi-from-ambari.html

--> In the Latest version we wont be using authorized-users.xml to configure user roles but instead an Initial Admin identity.

Thanks,

Jobin George

2,784 Views

avatar
author-rank narasimha_varma
Rising Star

Created ‎12-19-2016 04:18 AM

Thank you very much Jobin George

2,783 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
View More Announcements