Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Does Nifi use One-way or two-way SSL authentication?

Labels:
avatar
author-rank toandyliang
Rising Star

Created ‎02-16-2017 01:55 PM

Sorry for asking a silly questions: Does Nifi use One-way or two-way SSL authentication?

Thanks

Andy

2,862 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

View solution in original post

2,231 Views
5 REPLIES 5

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

2,232 Views

avatar
author-rank MattWho author-rank
Super Mentor

Created ‎02-16-2017 02:26 PM

@Andy Liang

Most features of NiFi use two-way SSL while few allow for use of only One-way SSL.

Anything that is "machine" to "machine" requires two-way SSL. So using features like NiFi's Site-to-Site or SSL Context Controller services all utilize two-way SSL.

NiFi access to the UI only uses one-way ssl.

Thnaks,

Matt

2,231 Views

avatar
author-rank srijitachaturve
Rising Star

Created ‎12-29-2017 01:02 PM

@Matt Clarke @brosander i am using kerberos as a login identity provider to secure nifi1.1.1 instance, could you please suggest do i need to provide two way ssl for this? or we dont need to do in Nifi-1.1.1, as it is no where mentioned in nifi administration guide to provide ssl certificates with kerberos.

i am following this article: https://community.hortonworks.com/content/kbentry/34147/nifi-security-user-authentication-with-kerbe...

Thanks a lot in advance!!

2,231 Views
0 Kudos

avatar
author-rank manchun_pandit
New Contributor

Created ‎12-29-2017 04:52 PM

This is a hands-on walkthrough configuring SSL/TLS authentication in Apache NiFi. The tasks we will accomplish include:

  1. Creating and installing a user certificate
  2. Setting up the server's KeyStore
  3. Setting up the server's TrustStore
  4. Installing the user certificate into the TrustStore
  5. Configuring authorization for our user

Read More https://www.janbasktraining.com/blog/big-data-hadoop-tutorial-beginners/

2,231 Views
0 Kudos

avatar
author-rank srijitachaturve
Rising Star

Created ‎01-02-2018 05:57 PM

Thanks @Manchun Kumar , but i am unable to find post for this in the link you provided. could you please share the particualr link for ssl/TLS in Nifi-1.1.1 or above

2,231 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements