Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

[NIFI] Secure NIFI with load balancer with VIP

[NIFI] Secure NIFI with load balancer with VIP

Explorer

Hi all,

My nifi cluster is secure and i can access to UI with ldap auth.

For each node of cluster i'm create the certificate with this command:

/var/opt/hosting/nifi-toolkit/bin/tls-toolkit.sh standalone -n ${HOST} -f conf/nifi.properties -o /root --trustStorePassword tpasswd --keyStorePassword kpasswd

My configuration :

- cluster with 3 nodes

- 1 VIP pointing to 3 nodes.

- an apache proxy

My 3 nodes in behind the proxy.

I want use https://vip.domain:9443/nifi

So do you know how create the certficate with SAN and how configure nifi to enable access to UI or listenHTTP in balance mode ?

Perpahs, it is possible to create certifcate with CN=vip.domain and SAN with the 3 nodes ?

2 REPLIES 2
Highlighted

Re: [NIFI] Secure NIFI with load balancer with VIP

The --subjectAlternativeNames flag can be used to pass SAN values to the certificate generation process.

--subjectAlternativeNames <arg> Comma-separated list of domains to use as Subject Alternative Names in the certificate

Re: [NIFI] Secure NIFI with load balancer with VIP

Explorer

@andy I Know how use the tls-toolkit. But my question is what the value to set to enable load balancer with the VIP

Don't have an account?
Coming from Hortonworks? Activate your account here