Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Authentication error while securing Nifi

Labels:
avatar
author-rank narasimha_varma
Rising Star

Created on ‎12-17-2016 04:58 AM - edited ‎08-18-2019 05:07 AM

10410-ambari-sandbox-3.jpg

I am using hortonworks sandbox 2.4, While securing Nifi step_by_step, I used TinyCert to generate my own certificate authority and certificates and I download the client and server certificates in PKCS12 format. After that I created some changes in Nifi config --> nifi.properities as shown in the picture. Finally, I open the file authorized-users. xml, in the Nifi-conf directory and create an admin user based on the DN of the client certificate.

<users>

<user dn="CN=guest, OU=demo, O=Hortonworks, L=trichy, ST=tamilnadu, C=india">

<role name="ROLE_ADMIN"/>

</user>

</users>

I follow this link https://community.hortonworks.com/articles/886/securing-nifi-step-by-step.html.

While I run Nifi under localhost:9090 I got error as shown in the picture

10411-localhost.jpg

1,897 Views
1 ACCEPTED SOLUTION

avatar
author-rank jgeorge
Guru

Created ‎12-17-2016 06:05 PM

Hi Narasimma,

Few pointers,

--> If the configurations are done correctly and you have loaded your client certificate to your browser, you will only be able to view the NiFi UI via https://localhost:port not http://localhost:port like in your screenshot.

--> It looks like you are following the steps to get around it in an older version of HDF. Latest release, HDF-2.x gives us better ways to get SSL enabled with help of NiFi CA and tls-toolkit. please follow the below link for the same.(unfortunately you may not be able to do this in your sandbox where HDP is already installed)

https://community.hortonworks.com/articles/58009/hdf-20-enable-ssl-for-apache-nifi-from-ambari.html

--> In the Latest version we wont be using authorized-users.xml to configure user roles but instead an Initial Admin identity.

Thanks,

Jobin George

View solution in original post

1,808 Views
2 REPLIES 2

avatar
author-rank jgeorge
Guru

Created ‎12-17-2016 06:05 PM

Hi Narasimma,

Few pointers,

--> If the configurations are done correctly and you have loaded your client certificate to your browser, you will only be able to view the NiFi UI via https://localhost:port not http://localhost:port like in your screenshot.

--> It looks like you are following the steps to get around it in an older version of HDF. Latest release, HDF-2.x gives us better ways to get SSL enabled with help of NiFi CA and tls-toolkit. please follow the below link for the same.(unfortunately you may not be able to do this in your sandbox where HDP is already installed)

https://community.hortonworks.com/articles/58009/hdf-20-enable-ssl-for-apache-nifi-from-ambari.html

--> In the Latest version we wont be using authorized-users.xml to configure user roles but instead an Initial Admin identity.

Thanks,

Jobin George

1,809 Views

avatar
author-rank narasimha_varma
Rising Star

Created ‎12-19-2016 04:18 AM

Thank you very much Jobin George

1,808 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera Data Engineering 1.23: Access Spark from Your Favor...
What's New @ Cloudera
HBase REST server scaling support is Generally Available
What's New @ Cloudera
New CLI option in the update-database command
What's New @ Cloudera
New Action menu item in the Cloudera Operational Database UI
What's New @ Cloudera
Get the list of supported instance types in the Cloudera Ope...
View More Announcements