- Subscribe to RSS Feed
- Mark Question as New
- Mark Question as Read
- Float this Question for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Nifi - Trusted SSL configuration With HDF
- Labels:
-
Apache NiFi
-
Cloudera DataFlow (CDF)
Created ‎06-07-2017 03:08 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Team,
I am trying to configure SSL in nifi - HDF but i am getting "invalid cert authority error".
The same trusted cert workig in standalone nifi.
Do we need to specify anything for Hdf- Nifi? for trusted ssl setup
Please provide your input to close this thread.
Created ‎06-07-2017 03:28 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Standalone NiFi instances have no need to perform and 2-way TLS negotiations. Once you cluster, NiFi nodes need to communicate with each other and that negotiation uses 2-way TLS. Not sure where you got your keystore and truststore files from, but you need to verify that the contents of both are correct. The truststore.jks file should contain the necessary trustedCertEntries so that it can trust the client certificate being presented from the other nodes in your cluster.
Matt
Created ‎06-07-2017 03:09 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So many issues while configuring HDF, need your inputs to close this thread brother.
Created ‎06-07-2017 03:28 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Standalone NiFi instances have no need to perform and 2-way TLS negotiations. Once you cluster, NiFi nodes need to communicate with each other and that negotiation uses 2-way TLS. Not sure where you got your keystore and truststore files from, but you need to verify that the contents of both are correct. The truststore.jks file should contain the necessary trustedCertEntries so that it can trust the client certificate being presented from the other nodes in your cluster.
Matt
Created ‎06-07-2017 05:40 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Matt , It seems becuase of corrupted keystore after replaced with the valid keystore it was resolved. 🙂
