Created 11-17-2017 04:11 AM
Thanks a lot to this awesome community.
I have a listenTCP which uses StandardSSLCOntextService to encrypted traffic, however I am getting an error as
Error reading from channel due to failed to decrypt the data IO exception fail to decrypt the data
Created 11-17-2017 11:00 PM
Please provide the version of NiFi/HDF you are using, the configuration of the StandardSSLContextService, and the full stacktrace from nifi-app.log. The information above is not enough for us to diagnose this issue.
Created on 11-21-2017 04:47 PM - edited 08-17-2019 09:50 PM
@Andy LoPresto apologies I should have provided that, got busy in troubleshooting please find below the images,
The only error message I am getting in the nifi-app.log is this
"Error reading from channel due to Failed to decrypt data: java.io.IOException: Failed to decrypt data"
no stack trace as such,
My nifi cluster is 6 nodes cluster, with https enabled.
any suggestion or help,
Created 11-29-2017 09:22 PM
What version of HDF are you using? Also, what SSL Protocol is your StandardSSLContextService controller service configured to use?
Created 11-30-2017 03:24 PM
@Wynner appreciate your response.
I read on the community that TLSv1.2 is only supported. We are many leagcy SSL versions.
Created 11-30-2017 07:28 PM
It depends on a number of factors:
The best solution here is to upgrade the protocol version you are using to TLS v1.2 if possible. If not, introduce a proxy server to perform bidirectional handshakes. NiFi/HDF is not designed to allow legacy SSL protocols due to their demonstrated security vulnerabilities.