Cloudera Community

Support Questions

Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
Celebrating as our community reaches 100,000 members! Thank you!
Solved Go to solution

Unable to upgrade TLSv1.2 in Nifi 1.5

Labels:
avatar
author-rank vk21
New Contributor

Created ‎01-21-2022 08:36 AM

We're trying to upgrade from TLSv1.0 to TLSv1.2 for the below configuration but getting error as attached.tls error.PNG
These are the installed versions
HDF: 3.1.0
Nifi: 1.5.0.3.1.0.0-564
Ambari: 2.6.2.2
HDP: 2.6.5.1100.

 

we have tried following the steps from this page and it didn't worked as well.

https://community.cloudera.com/t5/Support-Questions/Nifi-SSL-TLS-qestion/td-p/285528

Kindly help me to resolve this issue.

1,470 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank MattWho author-rank
Super Mentor

Created ‎01-25-2022 12:53 PM

@vk21 

 

You are running in to a known bug in that version of Apache NiFi.  The bug was addressed in Apache NiFi 1.14.  Upgrading Apache NiFi 1.5 to 1.14 would solve the issue for you.

Here are the bugs that addressed the issue:
https://issues.apache.org/jira/browse/NIFI-8281
https://issues.apache.org/jira/browse/NIFI-8630

 

If you found this response assisted with your query, please take a moment to login and click on "Accept as Solution" below this post.

Thank you,

Matt

View solution in original post

1,415 Views
0 Kudos
4 REPLIES 4

avatar
author-rank vk21
New Contributor

Created ‎01-24-2022 09:08 AM

  1. At first java security files was not disabling the TLSv1 & TLSv1.1 protocols. Due to this NiFi PutEmail processor was giving error mentioned in screen shot#1 below: 

vk21_4-1643044042529.png

 

  1. After we disabled TLSv1 and TLSv1.1 in security file by putting below line in java security file we are getting error mentioned in screen shot#2.

 $JAVA_HOME/jre/lib/security/java.security

jdk.tls.disabledAlgorithms=SSLv3, TLSv1, TLSv1.1, SSLv2Hello, RC4, DES, MD5withRSA, \

                DH keySize < 1024, EC keySize < 224, 3DES_EDE_CBC, anon, NULL, \

                include jdk.disabled.namedCurves

 

vk21_5-1643044042730.png

 

 Is there a way to restrict PutEmail Processor to use TLSv1.2 while sending request to SMTP server?

1,432 Views
0 Kudos

avatar
author-rank MattWho author-rank
Super Mentor

Created ‎01-25-2022 12:53 PM

@vk21 

 

You are running in to a known bug in that version of Apache NiFi.  The bug was addressed in Apache NiFi 1.14.  Upgrading Apache NiFi 1.5 to 1.14 would solve the issue for you.

Here are the bugs that addressed the issue:
https://issues.apache.org/jira/browse/NIFI-8281
https://issues.apache.org/jira/browse/NIFI-8630

 

If you found this response assisted with your query, please take a moment to login and click on "Accept as Solution" below this post.

Thank you,

Matt

1,416 Views
0 Kudos

avatar
author-rank vk21
New Contributor

Created on ‎01-31-2022 08:33 AM - edited ‎01-31-2022 08:41 AM

Can we upgrade HDF 3.1.0 directly to 3.5 without upgrading Amabri and HDP? and if not, is there any document guiding how we can upgrade from HDF 3.1.0 to HDF 3.5.

1,386 Views
0 Kudos

avatar
author-rank MattWho author-rank
Super Mentor

Created ‎01-31-2022 02:05 PM

@vk21 

 

This question is not related to the original question in this post.  I recommend starting a new question, so as to avoid confusion via a new conversation when this post already has an accepted solution.

Thanks,

Matt

1,374 Views
0 Kudos
Announcements
Product Announcements
[ANNOUNCE] Cloudera on Public Cloud Runtime 7.2.18 is GA!
What's New @ Cloudera
Cloudera Operational Database (COD) supports enhancements to...
Community Announcements
March 2024 Community Highlights
Community Announcements
Celebrating 100,000 Members: A Journey of Growth and Connect...
Product Announcements
[ANNOUNCE] New Cloudera JDBC Connector for Apache Hive 2.6.2...
View More Announcements