Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Solved Go to solution

Problem with NIFI

Labels:
avatar
author-rank MWM
Contributor

Created ‎07-10-2023 07:59 AM 

Hi,
I'm new to nifi, I downloaded nifi, I'm trying to log in, but I can't enter the address:https://127.0.0.1:8443/
 2023-07-10 16:16:34,682 WARN [main] org.apache.nifi.web.server.JettyServer Failed to start web server... shutting down.
java.lang.IllegalStateException: Invalid nifi.web.https configuration in nifi.properties
at org.apache.nifi.web.server.connector.FrameworkServerConnectorFactory.<init>(FrameworkServerConnectorFactory.java:89)
at org.apache.nifi.web.server.JettyServer.configureConnectors(JettyServer.java:738)
at org.apache.nifi.web.server.JettyServer.init(JettyServer.java:207)
at org.apache.nifi.web.server.JettyServer.initialize(JettyServer.java:1074)
at org.apache.nifi.NiFi.<init>(NiFi.java:164)
at org.apache.nifi.NiFi.<init>(NiFi.java:83)
at org.apache.nifi.NiFi.main(NiFi.java:332)
Caused by: org.apache.nifi.security.util.TlsException: The truststore properties are not valid
at org.apache.nifi.security.util.SslContextFactory.getTrustManagers(SslContextFactory.java:181)
at org.apache.nifi.security.util.SslContextFactory.createSslContext(SslContextFactory.java:67)
at org.apache.nifi.web.server.connector.FrameworkServerConnectorFactory.<init>(FrameworkServerConnectorFactory.java:86)
... 6 common frames omitted
2023-07-10 16:16:34,685 INFO [Thread-0] org.apache.nifi.NiFi Application Server shutdown started
2023-07-10 16:16:34,686 INFO [Thread-0] org.apache.nifi.NiFi Application Server shutdown completed
Maybe someone knows why it's not working?
 
 
 
 


 
 

 

4,440 Views
0 Kudos
0
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎07-11-2023 06:22 AM

@MWM 

For good security reasons, NiFi does not support passwordless keystore and truststore files.
The password fields can not be blank.

Also keep in mind that the default "nifi.web.https.host=127.0.0.1" is localhost on the machine were you installed NiFi. So you will not be able to access this IP from any other machine. You'll need to use a browser installed on the same machine.


If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped.

Thank you,

Matt

View solution in original post

4,366 Views
0 Kudos
0
3 REPLIES 3

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎07-10-2023 09:47 AM

@MWM 

The stack trace you provided from the logs indicates and issue with the truststore properties.

The truststore properties are not valid

 

You'll want to inspect the keystore and truststore properties in the nifi.properties configuration file.
Make sure none are blank or incorrect.

MattWho_0-1689007522421.png

 

I have seen this happen when the keystoreType and/or TruststoreType properties are blank (should be set to JKS or PKCS12 depending on your keystore format).

If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped.

Thank you,

Matt

4,417 Views
0 Kudos

avatar
author-rank MWM
Contributor

Created ‎07-10-2023 11:02 PM

Hi @MattWho 

My nifi.properties file looks fine I think:

# security properties #
nifi.sensitive.props.key=nN9mVm0kCmsmO1CwC+ODWFNr9kFjHyZX
nifi.sensitive.props.key.protected=
nifi.sensitive.props.algorithm=NIFI_PBKDF2_AES_GCM_256
nifi.sensitive.props.additional.keys=

nifi.security.autoreload.enabled=false
nifi.security.autoreload.interval=10 secs
nifi.security.keystore=./conf/keystore.p12
nifi.security.keystoreType=PKCS12
nifi.security.keystorePasswd=
nifi.security.keyPasswd=
nifi.security.truststore=./conf/truststore.p12
nifi.security.truststoreType=PKCS12
nifi.security.truststorePasswd=
nifi.security.user.authorizer=single-user-authorizer
nifi.security.allow.anonymous.authentication=false
nifi.security.user.login.identity.provider=single-user-provider
nifi.security.user.jws.key.rotation.period=PT1H
nifi.security.ocsp.responder.url=
nifi.security.ocsp.responder.certificate=

So I don't know where is problem unfortunately...



4,388 Views
0 Kudos

avatar
author-rank MattWho author-rank
Master Mentor

Created ‎07-11-2023 06:22 AM

@MWM 

For good security reasons, NiFi does not support passwordless keystore and truststore files.
The password fields can not be blank.

Also keep in mind that the default "nifi.web.https.host=127.0.0.1" is localhost on the machine were you installed NiFi. So you will not be able to access this IP from any other machine. You'll need to use a browser installed on the same machine.


If you found that the provided solution(s) assisted you with your query, please take a moment to login and click Accept as Solution below each response that helped.

Thank you,

Matt

4,367 Views
0 Kudos
0
Announcements
What's New @ Cloudera
[RELEASED] Cloudera Streaming Analytics - Kubernetes Operato...
What's New @ Cloudera
[RELEASED] Cloudera Streams Messaging - Kubernetes Operator ...
Community Announcements
February 2025 Community Highlights
What's New @ Cloudera
3 Benefits of External IDE Connectivity, Now Available in Cl...
What's New @ Cloudera
Performance comparison of Spark3 on YARN with S3 Standard VS...
View More Announcements