nifi-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bryan Bende <bbe...@gmail.com>
Subject Re: Problem for sending message to Secure Syslog from NiFi 1.11.3
Date Fri, 10 Apr 2020 14:13:08 GMT
Yes it supports mutual auth, as long you are using an SSL Context Service
that has a keystore.

What syslog server are you connecting to?

On Fri, Apr 10, 2020 at 10:07 AM muhyid72 <muhyid72@outlook.com> wrote:

> Hi Brayn,
>
> Thank you for your answer.
>
> In the first error, it looks like maybe you had PutSyslog configured for
> TLS/SSL, but were sending to a port that was not listening for TLS/SSL, but
> regular TCP.
>
> --> I suspected same thing therefore I tried same process (with Java JRE
> 1.8.0_241 (64 Bit)) through Logstash 7.3.1 with secure (TLS) configuration
> and it run.
>
> In the second error, it means the truststore in the SSL Context Service in
> NiFi, does not trust the certificate presented by the syslog server.
>
> --> I thought same thing and I added my certificate, root certificate,
> intermediate certificate (I mean all of them) to keystore, truststore and
> java cacert. I mean, I added all the certificates to almost all stores.
>
>
> I tried 2 different version of Java with same certificate configuration
> (stores, cacert etc) to make sure there was no problem with Java
>
> Java 8 Error: javax.net.ssl.SSLException: Inbound closed before receiving
> peer's close_notify: possible truncation attack?
>
> Java 11 Error: javax.net.ssl.SSLHandshakeException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
>
> I am using mutual authentication (two way authentication) for sending
> messages to syslog, Does NiFi support mutual authentication?
>
> Actually I am trying to replace LogStash with NiFi therefore mutual
> authentication part is critical
>
>
>
> --
> Sent from: http://apache-nifi-users-list.2361937.n4.nabble.com/
>

Mime
View raw message