I am running a cluster with tls
what commands I used to create tls, perhaps something was not indicated in them:.
I have crt and key my company
- openssl pkcs12 -export -in /etc/nifi/certs/wibe.t.crt -inkey /etc/nifi/certs/wibe.t.key -out /etc/nifi/certs/pkcs12_file.p12 -name nifi_alias -CAfile /etc/pki/CA.pem -caname root -password pass:qwerty231
keytool -importkeystore -deststorepass "keystore_password" -destkeypass "keystore_password" -destkeystore /etc/nifi/certs/nifi_keystore.jks -srckeystore pkcs12_file.p12 -srcstoretype PKCS12 -srcstorepass "pkcs12_password" -alias nifi_alias
- keytool -import -trustcacerts -alias root -file /etc/pki/CA.pem -noprompt -keystore /etc/nifi/certs/nifi_truststore.jks -storepass "truststore_password"
at first I could not collect a quorum, then this problem went away and the cluster chose a leader, work is done with external zookeepers on three servers
no errors, only warning
2023-05-04 16:06:34,116 WARN [main] o.a.nifi.controller.StandardFlowService Failed to connect to cluster due to: org.apache.nifi.cluster.protocol.ProtocolException: Failed marshalling 'CONNECTION_REQUEST' protocol message due to: java.net.SocketException: Broken pipe (Write failed)
2023-05-04 16:06:39,119 INFO [main] o.a.n.c.c.n.LeaderElectionNodeProtocolSender Determined that Cluster Coordinator is located at 10.1.4.2:9082; will use this address for sending heartbeat messages
2023-05-04 16:06:39,119 INFO [main] o.a.n.c.p.AbstractNodeProtocolSender Cluster Coordinator is located at 10.1.4.2:9082. Will send Cluster Connection Request to this address
2023-05-04 16:06:39,236 WARN [main] o.a.nifi.controller.StandardFlowService Failed to connect to cluster due to: org.apache.nifi.cluster.protocol.ProtocolException: Failed marshalling 'CONNECTION_REQUEST' protocol message due to: java.net.SocketException: Broken pipe (Write failed)
2023-05-04 16:06:44,239 INFO [main] o.a.n.c.c.n.LeaderElectionNodeProtocolSender Determined that Cluster Coordinator is located at 10.1.4.2:9082; will use this address for sending heartbeat messages
2023-05-04 16:06:44,240 INFO [main] o.a.n.c.p.AbstractNodeProtocolSender Cluster Coordinator is located at 10.1.4.2:9082. Will send Cluster Connection Request to this address
2023-05-04 16:06:44,373 WARN [Process Cluster Protocol Request-19] o.a.n.c.p.impl.SocketProtocolListener Failed processing protocol message from 10.1.4.2 due to Extended key usage does not permit use for TLS client authentication
the web version does not start, such an error hangs and does not go further
The Flow Controller is initializing the Data Flow.
statute of nifi and zookeeper on all servers zookeepe asset in quorum
