Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Does Nifi use One-way or two-way SSL authentication?

Labels:
avatar
author-rank toandyliang
Rising Star

Created ‎02-16-2017 01:55 PM

Sorry for asking a silly questions: Does Nifi use One-way or two-way SSL authentication?

Thanks

Andy

3,877 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

View solution in original post

3,246 Views
0
5 REPLIES 5

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

3,247 Views
0

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎02-16-2017 02:26 PM

@Andy Liang

Most features of NiFi use two-way SSL while few allow for use of only One-way SSL.

Anything that is "machine" to "machine" requires two-way SSL. So using features like NiFi's Site-to-Site or SSL Context Controller services all utilize two-way SSL.

NiFi access to the UI only uses one-way ssl.

Thnaks,

Matt

3,246 Views

avatar
author-rank srijitachaturve
Rising Star

Created ‎12-29-2017 01:02 PM

@Matt Clarke @brosander i am using kerberos as a login identity provider to secure nifi1.1.1 instance, could you please suggest do i need to provide two way ssl for this? or we dont need to do in Nifi-1.1.1, as it is no where mentioned in nifi administration guide to provide ssl certificates with kerberos.

i am following this article: https://community.hortonworks.com/content/kbentry/34147/nifi-security-user-authentication-with-kerbe...

Thanks a lot in advance!!

3,246 Views
0 Kudos

avatar
author-rank manchun_pandit
New Contributor

Created ‎12-29-2017 04:52 PM

This is a hands-on walkthrough configuring SSL/TLS authentication in Apache NiFi. The tasks we will accomplish include:

  1. Creating and installing a user certificate
  2. Setting up the server's KeyStore
  3. Setting up the server's TrustStore
  4. Installing the user certificate into the TrustStore
  5. Configuring authorization for our user

Read More https://www.janbasktraining.com/blog/big-data-hadoop-tutorial-beginners/

3,246 Views
0 Kudos

avatar
author-rank srijitachaturve
Rising Star

Created ‎01-02-2018 05:57 PM

Thanks @Manchun Kumar , but i am unable to find post for this in the link you provided. could you please share the particualr link for ssl/TLS in Nifi-1.1.1 or above

3,246 Views
0 Kudos
Announcements
Community Announcements
April 2025 Cloudera Customer Advisory: Cloudera’s response t...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
View More Announcements