@jfs912 Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future. Thanks. ... View more

@doora Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future. Thanks. ... View more

@Darryl  You will certainly have issues using localhost even outside docker with a multi-node NiFi cluster since only the NiFi node installed in the same server as Keycloak would have any chance of connecting with Keycloak.   Understand that a NiFi cluster can bae accessed form any node in the NiFi cluster. So first thing i would have suggested is using the hostname of the actual server that is hosting Keycloak rather then localhost. I am not familiar with Keycloak myself and the article you reference (while i know the author) is very old. A lot has likely evolved/changes with regards to security since it was written.  Glad to hear you had some success even if it was outside of Docker and thank you with sharing what you learned with the community. Matt ... View more

@Darryl  Please start a new community question around your new keycloak integration issues with NiFi. Thank you, Matt ... View more

@BK84  The exception is caused by: Caused by: java.lang.IllegalStateException: The specified class 'org.apache.nifi.controller.state.providers.raft.RaftStateProvider' is not known to this nifi. Your NiFi knows nothing about this class meanung the nifi lib directory does not contain any nar that includes this class: org.apache.nifi.controller.state.providers.raft.RaftStateProvider I also see nothing in Apache NiFi Jira nor in the NiFi 2 documentation mentioning this class or any type of raft state provider. Looking at the properties configured with this provider class, they match the zookeeper properties.  So I suspect you should be using this class instead in your stet provider: org.apache.nifi.controller.state.providers.zookeeper.ZooKeeperStateProvider   Please help our community grow and thrive. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@Ghilani  The Invalid SNI is caused by the server certificate presented in the TLS exchange not containing a SubjectAlternativeName (SAN) matching the hostname in the request URL. Valid SAN entries are required by the latest version of Java. The solution is to issue new certificates for your NiFi instance(s) that contain all possible SANs used when connecting to the NiFi. So you should have a SAN entry for you NiFi hostname as well as any alternative names used in connection URLs like "nifi" coming form your proxy to NiFi. Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@Matt  Thank you so much this has been a big help! ... View more

@AbhiTryingAgain Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future. Thanks. ... View more

@ose_gold Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future. Thanks. ... View more

@ayu_dev  Welcome to the Cloudera Community. Please start a new Cloudera Community question rather then adding a new thread on an existing question from over a year ago.  You'll get much better traction there.  Your query is unrelated to the original question in this thread around log rotation and retention policies. Fell free to ping me in your new community question and I'll be happy to take a look. Thank you, Matt ... View more