nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From veeresh <veereshs...@gmail.com>
Subject https connection fails with ERR_CONNECTION_CLOSED
Date Fri, 13 Nov 2015 09:35:37 GMT
Hi All
I have installed nifi on Hortonworks cluster in Azure cloud. Everting works
just fine with non-secured mode (http). In this mode  multiple users cannot
work on different templates. I followed the documentation
(https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#security-configuration).


Question: For multiple users to work on different templates is it mandatory
to enable https connection enabled?

Referring to (http://wiki.eclipse.org/Jetty/Howto/Configure_SSL) I have
created keystore and trust store.
My security setting of  nifi.properties file look as below.

nifi.security.keystore=/home/hortonhdp/nifi-0.3.0/keystore
nifi.security.keystoreType=JKS
nifi.security.keystorePasswd=nifi123
nifi.security.keyPasswd=nifi123
nifi.security.truststore=/home/hortonhdp/nifi-0.3.0/keystore
nifi.security.truststoreType=JKS
nifi.security.truststorePasswd=nifi123
nifi.security.needClientAuth=true
nifi.security.user.credential.cache.duration=24 hours
nifi.security.user.authority.provider=file-provider
nifi.security.support.new.account.requests=
nifi.security.ocsp.responder.url=
nifi.security.ocsp.responder.certificate=

>From the browser I get ERR_CONNECTION_CLOSED error. When I try to connect to
nifi using curl locally on the server itself. I get below error

curl --verbose  --insecure  https://sandbox.hortonworks.com:8089/nifi
* About to connect() to sandbox.hortonworks.com port 8089 (#0)
*   Trying 10.0.0.4... connected
* Connected to sandbox.hortonworks.com (10.0.0.4) port 8089 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
* warning: ignoring value of ssl.verifyhost
* skipping SSL peer certificate verification
* NSS: client certificate not found (nickname not specified)
* NSS error -5938
* Closing connection #0
curl: (35) NSS: client certificate not found (nickname not specified)

Also enabled DEBUG mode in logback.xml to see any issue. But I don’t see any
errors related to jetty security.

Is there a clear documentation on how to generate the keystore/truststore.
Is secured connections (https) tested on cloud/Azure. How can I enable
multiple users to access nifi without https mode?

Thanks in advance

 
 



--
View this message in context: http://apache-nifi-developer-list.39713.n7.nabble.com/https-connection-fails-with-ERR-CONNECTION-CLOSED-tp4833.html
Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.

Mime
View raw message