Hi Abhinav,

If you used the NiFi TLS Toolkit to generate the server certificates, I would run the toolkit on the same Linux machine where you generated the server certificates with a command like below (see the TLS Toolkit section of the NiFi Admin Guide for more information, i.e. if you ran it in client/server mode originally, use that, etc.):

$ ./bin/toolkit-tls.sh standalone -C "CN=ajoshi, OU=Apache NiFi" -B passwordpassword

Populate the CN field with whatever you want to be your username for accessing NiFi and assigning permissions. Using the toolkit on the same machine (in the same directory) will use the NiFi CA that was previously generated, so everything will be signed by the correct keys. You will get two files as a result:

1. CN=abhinav_OU=Apache_NiFi.p12
2. CN=abhinav_OU=Apache_NiFi.password

The first is a PKCS12 keystore which you can import into your operating system keychain so Chrome will access it. The second is a text file containing the password you set (if you omit the -B flag, it will randomly generate a strong password).

Copy the .p12 file to your client system and (I believe on Windows, double-clicking will work), import the client certificate into your keychain. See here for more specific per-browser instructions.

Thanks @Andy LoPresto . I will go through this in detail and will revert once am successful. Thanks again for taking your time out and responding to this query.

Hello @Abhinav Joshi and @Andy LoPresto

I wanna install minifi and i already installed NIFI.

The issue is minifi can't connect to nifi due to TLShandshake problem with nifi whom already hev a keystore.jks et truststore.jks.

Any suggesion

Thanks you in advance

HI @nisrine elloumi

How did you generate your Certificates. I actually generated on the Nifi Linux machine using the command bin/tls-toolkit.sh standalone -n <<minifiserver>> -d 3650 and then ftped the keystore and truststore files over to the minifi server which was also a Linux machine.

How have you done it in your case