nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Witt <>
Subject Re: https connection fails with ERR_CONNECTION_CLOSED
Date Fri, 13 Nov 2015 12:42:41 GMT

So keep in mind the term 'template' in NiFi means a section of capture
configuration that if put on the graph becomes a live flow.  In Nifi
you're interacting with 'the flow' which can be one connecting thing
or many disconnected things.  The manipulation of the flow on the
graph is altering the actual running flow.  This a very different
model than the design and deploy approach one may be accustom to from
other tools.

Multiple users accessing different parts of the flow is certainly
possible whether it is secure or non-secure.  In secure mode you can
control their level of access to the entire flow (all flows) through
the user management screen.  However, if you are looking for
multi-tenant authorization whereby different users have different
levels of access to different parts of flow graph then that is on the
roadmap.  Here you can find more about it [1].

Regarding the certificate configuration I'll defer to others to
provide pointers there but perhaps you're also looking for username
and password based authentication.  That is also a roadmap item and is
slated to be part of the 0.4.0 release.  You can see more about that
here [2] and [3].



On Fri, Nov 13, 2015 at 4:35 AM, veeresh <> wrote:
> Hi All
> I have installed nifi on Hortonworks cluster in Azure cloud. Everting works
> just fine with non-secured mode (http). In this mode  multiple users cannot
> work on different templates. I followed the documentation
> (
> Question: For multiple users to work on different templates is it mandatory
> to enable https connection enabled?
> Referring to ( I have
> created keystore and trust store.
> My security setting of file look as below.
> hours
> From the browser I get ERR_CONNECTION_CLOSED error. When I try to connect to
> nifi using curl locally on the server itself. I get below error
> curl --verbose  --insecure
> * About to connect() to port 8089 (#0)
> *   Trying connected
> * Connected to ( port 8089 (#0)
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
> * warning: ignoring value of ssl.verifyhost
> * skipping SSL peer certificate verification
> * NSS: client certificate not found (nickname not specified)
> * NSS error -5938
> * Closing connection #0
> curl: (35) NSS: client certificate not found (nickname not specified)
> Also enabled DEBUG mode in logback.xml to see any issue. But I don’t see any
> errors related to jetty security.
> Is there a clear documentation on how to generate the keystore/truststore.
> Is secured connections (https) tested on cloud/Azure. How can I enable
> multiple users to access nifi without https mode?
> Thanks in advance
> --
> View this message in context:
> Sent from the Apache NiFi Developer List mailing list archive at

View raw message