@ThierryOfNantes  The "install" option for nifi.sh was removed as of NiFi 2.x release because of the nuisances of the many different linux distributions that exist today. I am not implying that is your issue here, but wanted you to be aware that I could be a contributing factor to your issue. Since you can successfully start NiFi manually using the ./bin/nifi.sh start command, NiFi is working fine.  So the permission issue is outside of NiFi.  What user are you logged in as when you issue the command systemctl start nifi?  Is that user able to sudo to your run.as user? Perhaps try enabling debug on your journalctl log to see ifget more detail on where the permission denied is coming from. Hope this helps, Matt ... View more

@jfs912   The NiFi toolkit was removed with the NiFi 2.0 releases.  See below for more details on why that decision was made. https://lists.apache.org/thread/vn1nzobtz4fh7fs461sgg8jj9zygrk0f I am not well versed on cetic helm charts, so not going to be able to provide specific guidance there.  The bottom line is there is nothing special about toolkit generated certficates.  I see no reason why you coudl not use the ca from cetic as long as the certificates meet the NiFi requirements for EKUs, SANs, Wildcards.. A NiFi or NiFi-Registry keystore: - Must contain ONLY one PrivateKeyEntry. - PrivateKeyEntry DN must not use wildcards. - PrivateKeyEntry  Extended Key Usage (EKU) must support ClientAuth and ServerAuth - PrivateKeyEntry must contain one or more SAN entries. A SAN must match the hostname used by NiFi A NiFi or NiFi-Registry Keystore. (typically same truststore is used by both): - Must contain the complete trust chain for at clientAuth Certificate used to connect with NIFi.  This includes any intermediate and root CA in the trust chain.  Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt   ... View more

@casaui  Your new issue is completely unrelated to your NiFi to NiFi-Registry MutualTLS authentication based issue in this community question.  I kindly ask that your start a new community question so that future users reading this question don't get confuse by multiple unrelated issues being discussed. If you found my assistance on this query helped you, please take a moment to click on "Accept as Solution" on the thread that helped guide you to resolution. Thank you, Matt ... View more

I think I cannot do that because I did not open this question. I do not have this "Accept as Solution" button. ... View more

@phadkev  Have you considered using the ValidateRecord processor instead of the ValidateJson? The ValidateRecord processor can be configured with a JSON reader.  The Json readers can be configured to use "Schema Text".  The Schema text property support expression language allowing you to extract the Schema you want to use from an inbound FlowFile attribute. Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more

@Sanga  What is the specific Apache NiFi version being used? Any disk space issues on Node-0? Any other exceptions in the NiFi logs? Logs shared cover the reconnection attempt.  What was the reason given for the node disconnection? Thank you, Matt ... View more

@Kiranq  Nothing stands out to me as problematic in the diagnostics output that relates to the stick FlowFile.  The verbose output indicates just 1 queued FlowFile on the canvas The Diagnostics output then tells us that this one FlowFile is queued in the connection with ID:  d8e8fe6e-38a5-3fee-8933-2e8c6bf55afa The UUID of the queued FlowFile is: ce9cbd21-455b-4191-80bc-6598609b71a1 Details of this One FlowFile:   If you clear out the FlowFile, does the very next FlowFile that enters this Process group get stuck?  Do FlowFiles only get stuck in front of this one specific processor and everywhere else FlowFiles are being processed fine? How is this specific process group configured? Can you list the connection and verify the content of this FlowFile looks correct? Have you tried adjusting NiFi's logging to DEBUG to see if any useful Debug output is produced for the issue? Thanks, Matt ... View more

We would need to understand first if the issue is on the CM-agent or on the Nifi-registry. Simply describing if the nifi-registry did not start at all or did start but then failed would help in knowing if the issue is with CM-agent or nifi-registry itself. ... View more

@mansmaan  I'm afraid there is not enough information shared yet to know exactly why you are experiencing a connection refused or connection reset issue from your NiFi node.  I was able to use InvokeHTTP with no issue to successfully get a response from the URL you provided.  I was able to view the weather data that was returned in json format. Have you tried to reach wttr.in directly from command line on the NiFi server? This sound like an environmental issue and not a NiFi invokeHTTP issue.    Please help our community grow. If you found any of the suggestions/solutions provided helped you with solving your issue or answering your question, please take a moment to login and click "Accept as Solution" on one or more of them that helped. Thank you, Matt ... View more