Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

NiFi InvokeHttp processor with self-signed endpoint

avatar
author-rank oliver
Rising Star

Created ‎09-14-2016 04:20 PM

I'm trying to use InvokeHTTP to write to webhdfs via Knox (into a kerberos secured cluster). Knox is using a self-signed certificate and that is not likely to change. If I use curl with the -k param to allow self-signed certs I can successfully write to HDFS. When using InvokeHTTP though, it barfs on the self-signed cert ("unable to find valid certification path to requested target"). I'm using Apachie NiFi 1.0 (though same problem with 0.7) with HDP 2.2 cluster. Any ideas?

5,912 Views
1 ACCEPTED SOLUTION

avatar
author-rank andrewg author-rank
Guru

Created ‎09-14-2016 05:05 PM

Hi Oliver. One would need to configure SSL context and add the self-signed certificate to the keystore used by it. Take a look at https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi.ssl.StandardSSLContextService/inde...

The components which support SSL will have a controller service property to reference. You would configure all SSL details and keystores in there, to be used by other processors.

View solution in original post

4,966 Views
2 REPLIES 2

avatar
author-rank andrewg author-rank
Guru

Created ‎09-14-2016 05:05 PM

Hi Oliver. One would need to configure SSL context and add the self-signed certificate to the keystore used by it. Take a look at https://nifi.apache.org/docs/nifi-docs/components/org.apache.nifi.ssl.StandardSSLContextService/inde...

The components which support SSL will have a controller service property to reference. You would configure all SSL details and keystores in there, to be used by other processors.

4,967 Views

avatar
author-rank oliver
Rising Star

Created ‎09-15-2016 02:17 PM

Thanks Andrew - didn't read deep enough into the docs.

4,966 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Real time Monitoring for 7.1.9+ and 7.2.18+ with Cl...
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
View More Announcements