Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Does Nifi use One-way or two-way SSL authentication?

Labels:
avatar
author-rank toandyliang
Rising Star

Created ‎02-16-2017 01:55 PM

Sorry for asking a silly questions: Does Nifi use One-way or two-way SSL authentication?

Thanks

Andy

3,463 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

View solution in original post

2,832 Views
5 REPLIES 5

avatar
author-rank brosander
Rising Star

Created ‎02-16-2017 02:25 PM

Hi @Andy Liang

In secured mode, the default authentication method is via 2-way TLS. If you configure another login identity provider. [1] Then you have the option of using 2-way TLS or either SPNEGO in browser or username/password login with 1 way TLS.

[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#user-authentication

Thanks,

Bryan

2,833 Views

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎02-16-2017 02:26 PM

@Andy Liang

Most features of NiFi use two-way SSL while few allow for use of only One-way SSL.

Anything that is "machine" to "machine" requires two-way SSL. So using features like NiFi's Site-to-Site or SSL Context Controller services all utilize two-way SSL.

NiFi access to the UI only uses one-way ssl.

Thnaks,

Matt

2,832 Views

avatar
author-rank srijitachaturve
Rising Star

Created ‎12-29-2017 01:02 PM

@Matt Clarke @brosander i am using kerberos as a login identity provider to secure nifi1.1.1 instance, could you please suggest do i need to provide two way ssl for this? or we dont need to do in Nifi-1.1.1, as it is no where mentioned in nifi administration guide to provide ssl certificates with kerberos.

i am following this article: https://community.hortonworks.com/content/kbentry/34147/nifi-security-user-authentication-with-kerbe...

Thanks a lot in advance!!

2,832 Views
0 Kudos

avatar
author-rank manchun_pandit
New Contributor

Created ‎12-29-2017 04:52 PM

This is a hands-on walkthrough configuring SSL/TLS authentication in Apache NiFi. The tasks we will accomplish include:

  1. Creating and installing a user certificate
  2. Setting up the server's KeyStore
  3. Setting up the server's TrustStore
  4. Installing the user certificate into the TrustStore
  5. Configuring authorization for our user

Read More https://www.janbasktraining.com/blog/big-data-hadoop-tutorial-beginners/

2,832 Views
0 Kudos

avatar
author-rank srijitachaturve
Rising Star

Created ‎01-02-2018 05:57 PM

Thanks @Manchun Kumar , but i am unable to find post for this in the link you provided. could you please share the particualr link for ssl/TLS in Nifi-1.1.1 or above

2,832 Views
0 Kudos
Announcements
What's New @ Cloudera
Cloudera DataFlow 2.9 now supports building GenAI pipelines ...
What's New @ Cloudera
Accelerate Data Scientist Productivity with Cloudera Copilot...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
Community Announcements
October 2024 Community Highlights
What's New @ Cloudera
Accelerate Your AI with the Cloudera AI Inference Service wi...
View More Announcements