Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

How to Generate Certs to secure 3 node nifi cluster and configs

Solved Go to solution
Highlighted

Re: How to Generate Certs to secure 3 node nifi cluster and configs

Explorer

Hi @MattWho one last question 

 

since i have generated certs as per hostnames with proper cn & san..

to configure truststore, do i need to merge the truststore.jks generated for both the hosts or can i use one truststore for both hosts? 

 

sh /opt/nifi-toolkit-1.9.2/bin/tls-toolkit.sh standalone -B  mypasswd -C 'CN=nifiadmin, OU=NIFI' -n 'ip-10-175-12x-xx.abc.com,ip-10-175-12x-xxx.abc.com' --nifiDnPrefix 'CN=' --nifiDnSuffix ', OU=NIFI' -o /tmp/certs_divya/ -K mypasswd -P mypasswd -S mypasswd

 

-rw-------. 1 root root 3437 Feb 3 04:46 CN=nifiadmin_OU=NIFI.p12
-rw-------. 1 root root 29 Feb 3 04:46 CN=nifiadmin_OU=NIFI.password
drwx------. 2 root root 71 Feb 3 04:46 ip-10-175-12x-xxx.abc.com
drwx------. 2 root root 71 Feb 3 04:46 ip-10-175-12x-xxx.abc.com
-rw-------. 1 root root 1200 Feb 3 04:46 nifi-cert.pem
-rw-------. 1 root root 1675 Feb 3 04:46 nifi-key.key

View solution in original post

Highlighted

Re: How to Generate Certs to secure 3 node nifi cluster and configs

Master Guru

@DivyaKaki 

 

Since all your certificates have been signed by the same CA, the truststore used by all nodes only needs to contain the public cert for that one CA. 

 

Thanks,

Matt

View solution in original post

Re: How to Generate Certs to secure 3 node nifi cluster and configs

Explorer

@MattWho really appreciate you for educating me on this. Thanks!

Don't have an account?
Coming from Hortonworks? Activate your account here