Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

[RESOLVED] : NIFI : LISTENHTTP SSL

Solved Go to solution
Highlighted

Re: [RESOLVED] : NIFI : LISTENHTTP SSL

New Contributor

Hi Mat,

 

Sorry to post my question here not getting the way out.

 

I have configured SSL with CA signed certs on the Server.By CA signed i mean actual CA and not NIFI CA.

I am using Nifi on a single machine without Ambari.

 

Now i want a client to authenticate and use nifi , how to create the client cert so that it authenticates to the CA signed cert on server.

 

Re: [RESOLVED] : NIFI : LISTENHTTP SSL

New Contributor

@mclark

I've changed my configuration Controller Service but I'm running an issue

I've checked all truststore/keystore on all the cluster, their use same passwd

8953-controller-service-ssl.jpg

8954-ssl-error-01.jpg

Re: [RESOLVED] : NIFI : LISTENHTTP SSL

Master Guru

It does not look like you provided you key password.

Re: [RESOLVED] : NIFI : LISTENHTTP SSL

New Contributor

@mclark

Now that ContextServiceSSL was enabled. I need to generate keystore for my client/user ?

Re: [RESOLVED] : NIFI : LISTENHTTP SSL

Master Guru

ListenHTTP requires 2-way SSL when enabled. So the client will also need a keystore and truststore. The Truststore on both your client and server will need to contain the trusted cert entry for each others client cert. If you used the same CA for both then you should be good. If not you will need to add the CA or trusted key entry (Public key from each private key entry.) to each others Truststores.

Don't have an account?
Coming from Hortonworks? Activate your account here