Support Questions

Emery · ‎12-20-2024

Hi,

I can't seem to figure out why I'm unable to reach my NiFi GUI from computers on our intranet other than where it's installed.

nifi.properties has these entries (nothing on the http settings)

nifi.web.https.host=ourMacMini20

nifi.web.https.port=9444

nifi.web.https.network.interface.default=

nifi.web.https.application.protocols=h2 http/1.1

nifi.web.jetty.working.directory=./work/jetty

nifi.web.jetty.threads=200

nifi.web.max.header.size=16 KB

nifi.web.proxy.context.path=

nifi.web.proxy.host=

nifi.web.max.content.size=

nifi.web.max.requests.per.second=30000

nifi.web.max.access.token.requests.per.second=25

nifi.web.request.timeout=60 secs

nifi.web.request.ip.whitelist=

nifi.web.should.send.server.version=true

nifi.web.request.log.format=%{client}a - %u %t "%r" %s %O "%{Referer}i" "%{User-Agent}i"

From the computer itself where the installation occurs this works:

https://ourmacmini20:9444/nifi/

For other computers (where certificates are installed) this message is shown

This site can’t be reached

ourmacmini20 refused to connect.

ERR_CONNECTION_REFUSED

No error messages appear in any log files.

This is what seems to point to some NiFi setting being incomplete. Two other services run on that computer and they are reachable from other computers:

http://ourmacmini20:8080/

and

https://ourmacmini20:9443/#!/auth

Please any suggestions as to what I'm overlooking?

Thank you!

Shelton · ‎12-22-2024

@Emery
I think this should resolve your problem, change the nifi.web.https.host and shown below so it binds to all network interfaces, allowing access from other machines in your intranet

Spoiler

nifi.web.https.host=ourMacMini20 --> nifi.web.https.host=0.0.0.0

Browser Trust for Self-Signed Certificates

Problem: If you're using a self-signed certificate, browsers on other machines may block access or show warnings.

Solution:

Install the certificate from the NiFi server on the client machines' trusted certificate store.
Alternatively, use a certificate from a trusted Certificate Authority (CA).

Please let me know if that helped

Happy hadooping

View solution in original post

SAMSAL · ‎12-20-2024

Hi,

Is the host name defined in the DNS? If not then use the IP address or machine FQDN instead.

Emery · ‎12-20-2024

https://192.168.7.138:9444/nifi/

gives the same ERR_CONNECTION_REFUSED

These work to the other services:

https://192.168.7.138:9443/#!/auth

http://192.168.7.138:8080/

Where are you suggesting defining the host name in the DNS?

I have this defined in my local hosts file

192.168.7.138 ourMacMini20

ourMacMini20 is the name shown in settings for the Mac Mini.

It perplexes me that the other two services work without issues.

Shelton · ‎12-22-2024

@Emery
I think this should resolve your problem, change the nifi.web.https.host and shown below so it binds to all network interfaces, allowing access from other machines in your intranet

Spoiler

nifi.web.https.host=ourMacMini20 --> nifi.web.https.host=0.0.0.0

Browser Trust for Self-Signed Certificates

Problem: If you're using a self-signed certificate, browsers on other machines may block access or show warnings.

Solution:

Install the certificate from the NiFi server on the client machines' trusted certificate store.
Alternatively, use a certificate from a trusted Certificate Authority (CA).

Please let me know if that helped

Happy hadooping

Emery · ‎12-22-2024

Hi Shelton,

Thanks very much for your help. I think this may be working. I'm going to continue testing it with the few of us who require access, but for now it's working from different browsers from my laptop. I had the certificates set up correctly from the start, and this setting seems to have done the trick.

Thanks again for your reply and assistance!

Cloudera Community

Support Questions

NiFi ERR_CONNECTION_REFUSED from other computers than where it's installed