nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Di Domenico <mdidomeni...@gmail.com>
Subject Re: invokehttp, ssl, proxy debug
Date Tue, 14 May 2019 18:51:06 GMT
for anyone that might see this message as part of websearch.  i did
resolve my issue, i had to load in my web proxy settings via JVM
options and remove them from the invokehttp process.  i'm not sure why
that is, seems counter intuitive, but that's what fixed it.

On Mon, May 13, 2019 at 10:39 AM Michael Di Domenico
<mdidomenico4@gmail.com> wrote:
>
> I'm trying to setup a flow where an invokehttp process does a put to a
> remove webserver.  the remote webserver uses ssl and there is an ssl
> proxy server on my network i must go through to first.
>
> i have the sslcontextservice running with the key trust stores running
> for the invokehttp process.  and i can connect to my nifi instance via
> ssl
>
> however, when the invokehttp process is triggered, i get this in the log
>
> 2019-05-13 10:26:28,699 ERROR [Timer-Driven Process Thread-2]
> o.a.nifi.processors.standard.InvokeHTTP
> InvokeHTTP[id=a2046302-016a-1000-940e-07f6f5992610] Routing to Failure
> due to exception: javax.net.ssl.SSLHandshakeException: Remote host
> closed connection during handshake:
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
> javax.net.ssl.SSLHandshakeException: Remote host closed connection
> during handshake
>         at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:994)
>         at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
>         at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
>         at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
>         at okio.Okio$1.write(Okio.java:79)
>         at okio.AsyncTimeout$1.write(AsyncTimeout.java:180)
> ...snipped...
>
> something is clearly wrong, but i'm not sure how to debug it.  my
> proxy server uses a self-signed cert, but i loaded the CA cert into
> sslcontextservice truststore

Mime
View raw message