Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Nifi - Trusted SSL configuration With HDF

avatar
author-rank Anishkumarv
Contributor

Created ‎06-07-2017 03:08 PM

Hi Team,

I am trying to configure SSL in nifi - HDF but i am getting "invalid cert authority error".

The same trusted cert workig in standalone nifi.

Do we need to specify anything for Hdf- Nifi? for trusted ssl setup

Please provide your input to close this thread.

1,448 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎06-07-2017 03:28 PM

@Anishkumar Valsalam

Standalone NiFi instances have no need to perform and 2-way TLS negotiations. Once you cluster, NiFi nodes need to communicate with each other and that negotiation uses 2-way TLS. Not sure where you got your keystore and truststore files from, but you need to verify that the contents of both are correct. The truststore.jks file should contain the necessary trustedCertEntries so that it can trust the client certificate being presented from the other nodes in your cluster.

Matt

View solution in original post

1,241 Views
0 Kudos
0
3 REPLIES 3

avatar
author-rank Anishkumarv
Contributor

Created ‎06-07-2017 03:09 PM

@Matt Clarke

So many issues while configuring HDF, need your inputs to close this thread brother.

1,241 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎06-07-2017 03:28 PM

@Anishkumar Valsalam

Standalone NiFi instances have no need to perform and 2-way TLS negotiations. Once you cluster, NiFi nodes need to communicate with each other and that negotiation uses 2-way TLS. Not sure where you got your keystore and truststore files from, but you need to verify that the contents of both are correct. The truststore.jks file should contain the necessary trustedCertEntries so that it can trust the client certificate being presented from the other nodes in your cluster.

Matt

1,242 Views
0 Kudos
0

avatar
author-rank Anishkumarv
Contributor

Created ‎06-07-2017 05:40 PM

Thanks Matt , It seems becuase of corrupted keystore after replaced with the valid keystore it was resolved. 🙂

1,241 Views
0 Kudos
Announcements
Community Announcements
April 2025 Cloudera Customer Advisory: Cloudera’s response t...
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
View More Announcements