Support Questions

Find answers, ask questions, and share your expertise
Celebrating as our community reaches 100,000 members! Thank you!

Nifi setting up ListenFTP - SSL settings


I'm having difficulty with this processor and making sure I get all the security stuff correct.


I've got no problem with everything downstream, but when it comes to Keystore/Truststore stuff I'm like a potato in a forgotten cellar. 


For now, just to test, I have this (nifi 1.15.3):




And the SSL Context:


Where my jks was generated using (with testing values)
keytool -genkey -alias nifi-ftps -keyalg RSA -keypass MyKeyPass312 -storepass MyStorePass312 -keystore nftp.jks


When I log on with Filezilla it gets to this point:
Status: Connecting to my.server.ip...
Status: Using username "nifitest".
Status: Access denied
Error: Authentication failed.
Error: Critical error: Could not connect to server


Which I assume means the ports etc are all good and it can connect to the Processor - but I'm missing something in my SSL settings. I have tried changing FileZilla to use a key file but it only uses PPK or PEM files.


This is my java version:


sudo java -version
openjdk version "1.8.0_312"
OpenJDK Runtime Environment (build 1.8.0_312-8u312-b07-0ubuntu1~20.04-b07)
OpenJDK 64-Bit Server VM (build 25.312-b07, mixed mode)



Master Collaborator

Have you tested ListenFTP without setting SSLContextService? just to make sure supplied username and password is correct?



@ckumar yes I have - the username and passwords are correct.


@Tokolosk I would recommend that you provide java's cacerts as the keystore/truststore with the default password (changeit).  This will work for most public certs.    If you have a custom cert at the SFTP end you will need to import that cert and create your own keystore/truststore.  I always try cacerts first.