nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felipe Garcia <>
Subject unable to post updates api with user certificate.
Date Mon, 05 Aug 2019 00:30:06 GMT

a cluster of a few nifi boxes

setup to authenticate with LDAP

users and groups in LDAP

Issue 1: unable to specify an LDAP user as Initial User

I have only been able to set up the cluster with a client certificate user.

Issue 2: I am unable to use the API with the initial certificate user to
add an LDAP group.

I exported the cert and key into a usable format for curl

*# open*ssl pkcs12 -in /opt/nifi-certs/CN\=admin_OU\=NIFI.p12  -out
/opt/nifi-certs/CN\=admin_OU\=NIFI.key -nocerts -nodes

*# open*ssl pkcs12 -export -in /opt/nifi-certs/CN\=admin_OU\=NIFI.p12 -out
/opt/nifi-certs/CN\=admin_OU\=NIFI.pem -clcerts -nokeys -passin  'changeme'

I am able to query the API

curl -k -X GET --cert
/opt/nifi-certs/CN=admin_OU=NIFI.pem --key
/opt/nifi-certs/CN=admin_OU=NIFI.key --compressed

But I am unable to change or add via the API

 curl -k -X PUT -H 'Content-Type: application/json'
/opt/nifi-certs/CN=admin_OU=NIFI.pem --key
/opt/nifi-certs/CN=admin_OU=NIFI.key -d @/tmp/newpolicy.json

Unable to save Authorizations

I cannot create a token for a cert user

curl -k -X POST '' -H
'Accept-Encoding: gzip, deflate, br' -H 'Content-Type:
application/x-www-form-urlencoded; charset=UTF-8' -H 'Accept: */*' --cert
/opt/nifi-certs/CN\=admin_OU\=NIFI.pem --key
/opt/nifi-certs/CN\=admin_OU\=NIFI.key --compressed

The username and password must be specified.

View raw message