Yes - I have tried that , I am prompted for the passphrase and I have provided the same in the configuration - Juthika ... View more

I have created a public and private key for sftp communication - I have updated the processor with the private key, passphase and Host key information as below - Password Sensitive value set Private Key Path /home/jshenoy/.ssh/id_rsa Private Key Passphrase Host Key File /home/jshenoy/.ssh/known_hosts I dont get any error still but the putSFTP is not working - Could you pls help ? ... View more

I updated according to the log , everything works perfectly now - Thanks very much for your help Juthika ... View more

I am getting this error Can you please suggest what I should fix ?Thanks Juthika ... View more

Thank you very much, I thought its encrypted password , but I was able to use it to open truststore . 🙂 ... View more

Hi , I am not able to use the certs that I generated using a corporate tool to setup https login , so I went back to setting it up locally on my machine . I have the certs generated using the nifi-toolkit and updated properties etc , the server is up and running, but I cannot login . It could be because I need to add CA certs from my corporate browser to the truststore . But I cant open the truststore - looks like the toolkit ignored the password that I provided while generating the certs . DO you know what the default password is or how to find out what it generated ? Thanks Juthika ... View more

hi Bryan - Just to update you regarding this , I was able to get the unsecured cluster with 3 nodes working with only one instance of zookeeper. I had also removed secured login before . So, will be trying to make secure login work . Thanks ... View more

hi Bryan , Good Morning , Thanks , that was a typo - while I was documenting it for the post , I double checked it , it looks fine . What I did last night was removed all security config - followed pvilliard 's doc . I still get the same error. I am thinking if the ports are not available for communication . I tried this command for the ports that I configured (echo >/dev/tcp/localhost/10443) &>/dev/null && echo "TCP port 10443 open" || echo "TCP port 10443 close" TCP port 10443 close Telnet also shows as connection refused . ... View more

Thanks Bryan for the quick response .I have a 3 node cluster , I am running ZK on all the nodes . I have nifi.properties as below on all three nodes with host names updated accordingly nifi.state.management.embedded.zookeeper.start=true nifi.zookeeper.connect.string=apsrt3391:2181,apsrt3390:2181,apsrt3401:2181 ------------------------------------------- nifi.cluster.is.node=true nifi.cluster.node.address=apsrt3391 nifi.cluster.node.protocol.port=11443 nifi.cluster.node.protocol.threads=10 nifi.cluster.node.event.history.size=25 nifi.cluster.node.connection.timeout=5 sec nifi.cluster.node.read.timeout=5 sec nifi.cluster.firewall.file= -------------------------------------------------------------- nifi.remote.input.host=apsrt3391 nifi.remote.input.secure=true nifi.remote.input.socket.port=10443 nifi.remote.input.http.enabled=true nifi.remote.input.http.transaction.ttl=30 sec ------------------------------------------------------------- nifi.web.war.directory=./lib nifi.web.http.host= nifi.web.http.port= nifi.web.https.host=apsrt3391 nifi.web.https.port=8443 Updated the State-Management.xml <property name="Connect String">apsrt3391:2181,apsrt3390:2181,apsrt3402:2181</property> And zookeeper.properties as server.1=apsrt3390:2888:3888 server.2=apsrt3391:2888:3888 server.3=apsrt3402:2888:3888 Also created myid file with 1, 2,3 respectively in 3390,3391,3402 I have created one certificate which has the names of all the servers , I have exported the public portion of the cert and placed it in truststore.jks . the same certificate and truststore is installed on all the servers . the authorizers.xml file looks like this . <authorizer> <identifier>file-provider</identifier> <class>org.apache.nifi.authorization.FileAuthorizer</class> <property name="Authorizations File">./conf/authorizations.xml</property> <property name="Users File">./conf/users.xml</property> <property name="Initial Admin Identity"></property> <property name="Legacy Authorized Users File"></property> <!-- Provide the identity (typically a DN) of each node when clustered, see above description of Node Identity. --> <property name="Node Identity 1">apsrt3390.ccc.com</property> <property name="Node Identity 2">apsrt3391.ccc.com</property> <property name="Node Identity 3">apsrt3402.ccc.com</property> </authorizer> </authorizers> If the dn for all the servers is the same ,can I just mention ccc.com ? Thanks very much for your help Juthika ... View more