Support Questions
Find answers, ask questions, and share your expertise
Check out our newest addition to the community, the Cloudera Innovation Accelerator group hub.

NiFi controller service not able to use keystore/trustore cert files

Expert Contributor



I have built a kafka cluster with 2was ssl security, so have keystore and trustore files for client to use.

These trustore.jks and keystore.jks files works fine with Kafka command line tool - able to produce and consume kafka messages.

Also used keytool list option to make sure that password works fine 

[keytool -list -v -keystore kafka.client.keystore.jks -- this works fine with the password]


But the issue is when I try to use the same in Nifi kafka Publish or Consume processors.

When I create SSL context controller service and set the certs and password with type 'JKS' it complains that password or type is invalid..

Have attached screenshots of the error in nifi controller service config.





Not sure why only NiFi is unable to use when kafka command line tool is able to use it successfully.
Also keytool works with the same password.


Any suggestion/hint would be much appreciated.
Thanks in advance.