Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

NiFi PostHTTP ListenHTTP Example

Highlighted

NiFi PostHTTP ListenHTTP Example

Super Collaborator

Hi,

We are having issues to setup Site-2-Site connectivity between our local windows instance and remote Linux instance. The local one is setup to use SSL,LDAP authentication where as the remote HDF is using SSL,Kerberos authentication.

after spending a lot of time we couldn't connect those 2 systems using S2S and HW confirmed we need to go Kerberos on the window server also to be able to connect using S2S and suggested PostHTTP --> ListenHTTP to achieve similar functionality.

has anyone done this? if so can you please send a template or an example..

Regards,

Sai

5 REPLIES 5
Highlighted

Re: NiFi PostHTTP ListenHTTP Example

Master Guru
@Saikrishna Tarapareddy

NiFi Site-To-SIte (S2S) only uses TLS/SSL authentication when communicating between NiFi instances.

What errors are you seeing on your nifi-app.log?

The TLS handshake that occurs during S2S requires two-way authentication. This means the certificates issued to the NiFi instances (PrivateKeyEntry in the configured keystore in nifi.properties) must be configured with an extended keys usage that allows that certificate to be used for both ClientAuth and ServerAuth.

Do you have same issue using either "RAW" or "HTTP" transfer methods in the RPG?

Thanks,

Matt

Highlighted

Re: NiFi PostHTTP ListenHTTP Example

Super Collaborator

@Matt Clarke

Hi Matt,

Thanks for your reply. that's what I thought. but for reason I was told that we cant connect with our existing set up of Windows,SSL,LDAP to Linux,SSL,Kerberos, Ranger plugin enabled.

I am not an expert in certificates and am looking for help and looking solve this for a long time.

since I cannot get this to work I am using SFTP to remote site and then consuming from there.

would you be able to help if I open another case.?

Regards,

Sai

Highlighted

Re: NiFi PostHTTP ListenHTTP Example

Super Collaborator

@Matt Clarke

and also at one point we were able to access it thru "anonymous" user when I created that user in ranger and granted access to all NiFi resources. but when I remove "anonymous" user we were getting "Unauthorized" errors.

Highlighted

Re: NiFi PostHTTP ListenHTTP Example

Master Guru

@Saikrishna Tarapareddy

You can open a case, but I am stretched very thin on time. Support should be able to assist you here with coming to a solution that works.

Is your target NiFi able to use a RPG to redistribute data to itself successfully with proper authorization?

Highlighted

Re: NiFi PostHTTP ListenHTTP Example

Super Collaborator

@Matt Clarke

Yes , I am able to use RPG and use S2S on my target.

I will open another ticket , just hoping it gets to the people who dealt with these kinds earlier. last time I was told since we are using ranger plugin and it cant find the incoming user from local NiFi we are getting unauthorized errors.

Thank you.

Sai

Don't have an account?
Coming from Hortonworks? Activate your account here