Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

NiFi ERR_CONNECTION_REFUSED from other computers than where it's installed

Labels:
avatar
author-rank Emery
Contributor

Created on ‎12-20-2024 10:08 AM - edited ‎12-20-2024 10:18 AM

Hi,
I can't seem to figure out why I'm unable to reach my NiFi GUI from computers on our intranet other than where it's installed.

nifi.properties has these entries (nothing on the http settings)

nifi.web.https.host=ourMacMini20
nifi.web.https.port=9444
nifi.web.https.network.interface.default=
nifi.web.https.application.protocols=h2 http/1.1
nifi.web.jetty.working.directory=./work/jetty
nifi.web.jetty.threads=200
nifi.web.max.header.size=16 KB
nifi.web.proxy.context.path=
nifi.web.proxy.host=
nifi.web.max.content.size=
nifi.web.max.requests.per.second=30000
nifi.web.max.access.token.requests.per.second=25
nifi.web.request.timeout=60 secs
nifi.web.request.ip.whitelist=
nifi.web.should.send.server.version=true
nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i" "%{User-Agent}i"

From the computer itself where the installation occurs this works:

For other computers (where certificates are installed) this message is shown

This site can’t be reached
ourmacmini20 refused to connect.
ERR_CONNECTION_REFUSED
 
No error messages appear in any log files.

This is what seems to point to some NiFi setting being incomplete. Two other services run on that computer and they are reachable from other computers:

and

Please any suggestions as to what I'm overlooking?

Thank you!
648 Views
0
1 ACCEPTED SOLUTION

avatar
author-rank Shelton
Master Mentor

Created on ‎12-22-2024 07:33 AM - edited ‎12-22-2024 07:35 AM

@Emery 
I think this should resolve your problem, change the nifi.web.https.host and  shown below so it binds to all network interfaces, allowing access from other machines in your intranet

Spoiler
nifi.web.https.host=ourMacMini20 --> nifi.web.https.host=0.0.0.0

Browser Trust for Self-Signed Certificates

 

  • Problem: If you're using a self-signed certificate, browsers on other machines may block access or show warnings.

Solution:

  • Install the certificate from the NiFi server on the client machines' trusted certificate store.
  • Alternatively, use a certificate from a trusted Certificate Authority (CA).

Please let me know if that helped 

Happy hadooping



View solution in original post

558 Views
0
4 REPLIES 4

avatar
author-rank SAMSAL
Super Guru

Created on ‎12-20-2024 10:16 AM - edited ‎12-20-2024 10:16 AM

Hi,

Is the host name defined in the DNS? If not then use the IP address or machine FQDN  instead.

645 Views

avatar
author-rank Emery
Contributor

Created on ‎12-20-2024 10:30 AM - edited ‎12-20-2024 10:35 AM

gives the same ERR_CONNECTION_REFUSED

These work to the other services:

Where are you suggesting defining the host name in the DNS?

I have this defined in my local hosts file
192.168.7.138 ourMacMini20
 
ourMacMini20 is the name shown in settings for the Mac Mini.

It perplexes me that the other two services work without issues.
640 Views

avatar
author-rank Shelton
Master Mentor

Created on ‎12-22-2024 07:33 AM - edited ‎12-22-2024 07:35 AM

@Emery 
I think this should resolve your problem, change the nifi.web.https.host and  shown below so it binds to all network interfaces, allowing access from other machines in your intranet

Spoiler
nifi.web.https.host=ourMacMini20 --> nifi.web.https.host=0.0.0.0

Browser Trust for Self-Signed Certificates

 

  • Problem: If you're using a self-signed certificate, browsers on other machines may block access or show warnings.

Solution:

  • Install the certificate from the NiFi server on the client machines' trusted certificate store.
  • Alternatively, use a certificate from a trusted Certificate Authority (CA).

Please let me know if that helped 

Happy hadooping



559 Views
0

avatar
author-rank Emery
Contributor

Created ‎12-22-2024 12:39 PM

Hi Shelton,

Thanks very much for your help. I think this may be working. I'm going to continue testing it with the few of us who require access, but for now it's working from different browsers from my laptop. I had the certificates set up correctly from the start, and this setting seems to have done the trick.

Thanks again for your reply and assistance!

539 Views
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements