nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From M Singh <mans2si...@yahoo.com>
Subject Re: Nifi GetHttp https endpoint keystore password error
Date Fri, 06 Nov 2015 18:13:49 GMT
Yes Aldrin, you are right, I am accessing a rest service using their https endpoint.
Thanks again for your help. 


     On Thursday, November 5, 2015 8:07 PM, Aldrin Piri <aldrinpiri@gmail.com> wrote:
   

 You would want this just for the truststore.  The keystore comes into play when you are
looking at doing two-way or mutual SSL. 
In your case, and please correct me if I am wrong, you are just looking to access content
from an HTTPS site that is publicly available (like https://www.google.com/).  The truststore
just provides a way of vetting the specified endpoint as being as anticipated.
On Thu, Nov 5, 2015 at 10:57 PM, M Singh <mans2singh@yahoo.com> wrote:

Hi Aldrin:
The password was the issue as you mentioned and that resolved my issue.
I filled the same info for both keystore and truststore but am not sure if both are required. 
Would it help to have some documentation on whether keystore or truststore or both are required
and how to trouble shoot the store type and protocol misconfiguration issue.
Thanks again for your help.
Mans 


     On Thursday, November 5, 2015 3:58 PM, Aldrin Piri <aldrinpiri@gmail.com> wrote:
   

 Hi Mans,
Quite all right and SSL can be a bit overwhelming for those not familiar.
We had a user with similar issues as you, please check out the associated thread here: https://mail-archives.apache.org/mod_mbox/nifi-users/201509.mbox/%3CEB8BF379-164B-49D0-82B5-7043F2891FC1@gmail.com%3E
In summary and with the assumption you are just trying to access a public HTTPS site, you
should be able to configure the truststore with the path as you expected, but the password
is "changeit" by default and not your password.
Let us know if you are still experiencing issues.
For the rest of the community, this is something we need to make easier and more obvious whether
it is merely documentation or other mechanism within the UI itself.
Thanks!
On Thu, Nov 5, 2015 at 6:51 PM, M Singh <mans2singh@yahoo.com> wrote:

Hi:
I am trying to access a https endpoint using GetHttp processor and being a newbie am having
trouble.  I am on a Mac with Java 1.8 and nifi version 0.3.1-SNAPSHOT.
In the GetHttp properties - when I set the url to the https endpoint without any other setting,
I get an error that no ssl context has been specified.
On setting the ssl context to StandardSSLContextService - I get a arrow icon to set the properties
of the SSL controller.  I am not sure what values are required for this dialog box (Keystore
file, password, type, Truststore file, password, type and ssl protocol).  I've tried tls
and pointing the keystore and truststore files to $JAVA_HOME/Contents/Home/jre/lib/security/cacerts
with type jks and my password but i get an error indicating that the keystore password is
invalid.  

This is the first time I am dealing with keystore/truststores so am definitely missing something
basic, but if anyone has any pointers to how to I can resolve this, please let me know.
Thanks.



   



  
Mime
View raw message