Referred this article: https://community.hortonworks.com/articles/58009/hdf-20-enable-ssl-for-apache-nifi-from-ambari.html
From this section:
3. Generate client certificate
But there is no config.json file created and also getting some java errors at below steps:
]#./files/nifi-toolkit-*/bin/tls-toolkit.sh client -c xxxx -D 'CN=nifiadmin, OU=xxx' -p 10443 -t xxx -T pkcs12
Exception in thread "main" java.lang.UnsupportedClassVersionError: org/apache/nifi/toolkit/tls/TlsToolkitMain : Unsupported major.minor version 52.0
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClass(ClassLoader.java:803)
at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:142)
at java.net.URLClassLoader.defineClass(URLClassLoader.java:442)
at java.net.URLClassLoader.access$100(URLClassLoader.java:64)
at java.net.URLClassLoader$1.run(URLClassLoader.java:354)
at java.net.URLClassLoader$1.run(URLClassLoader.java:348)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:347)
at java.lang.ClassLoader.loadClass(ClassLoader.java:425)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:312)
at java.lang.ClassLoader.loadClass(ClassLoader.java:358)
at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:482)There are two files available with.json
config-server.json and config-client.json but 'ketstorepassword' is not there. Also there is no correct hostname, CN and OU details.
~]# cat ./files/nifi-toolkit-1.2.0.3.0.1.1-5/conf/config-client.json
{
"keyStore" : "clientKeyStore",
"keyStoreType" : "jks",
"token" : "myTestTokenUseSomethingStronger",
"dn" : "CN=otherHostname,OU=NIFI",
"port" : 8443,
"caHostname" : "localhost",
"trustStore" : "clientTrustStore",
"trustStoreType" : "jks",
"days" : 1095,
"keySize" : 2048,
"keyPairAlgorithm" : "RSA",
"signingAlgorithm" : "SHA256WITHRSA"
}
