Re: securing nifi

Hello Simon, The instructions you might find online for creating a certificate for NiFi will be the same for 1.x as for 2.x. Nothing has changed there. If you are using a cert to authenticate to NiFi (whether the cert is for a person or a server), then the NiFi username is the full certificate "

securing nifi

hello, I'm using 2.0.0.-M4 (both nifi and registry) and I'm struggling to get the TLS to work. All the links I can find refer to using the DN from a cert and the tls-toolkit.sh but the modern nifi-toolkit contains no such script, only cli.sh I therefore see no way to generate the temporary certif

Re: Securing Nifi registry with nginx Error

> I am working on an ubuntu server. I do not have the possibility to generate the keychain and to access the graphical interface of nifi Where did you get the certificates if you are not able to generate the keychain yourself? It looks like whatever server cert you use for nginx and for the regist

Securing Nifi registry with nginx Error

I followed this tutorial to set up a secure version of Nifi registry: https://community.hortonworks.com/content/kbentry/170966/setting-up-a-secure-apache-nifi-registry.html I am working on an ubuntu server. I do not have the possibility to generate the keychain and to access the graphical interf

Re: Issue securing nifi with ca-server.

Henk, Thanks for following up and documenting this. I believe the deployment script is something custom you built, and not an artifact we offer, correct? We definitely made some improvements to the toolkit in 1.6.0, so the errors are clearer now. The minimum password length being enforced shoul

Re: Issue securing nifi with ca-server.

In response to this : Hey again, I resolved the problem with the ca-server. It was a combination of two problems. One, the deployment script was getting t

Re: Issue securing nifi with ca-server.

Hey Henk! Could you make any progress remote debugging your issue? Although not guaranteed to help, you may try and use strace to look into what's happening on the syscall level. For example I've ran this command after starting the server: strace -fp -s 100 2>&1 | grep -v clock_gettime | grep -v

Re: Issue securing nifi with ca-server.

Henk, I understand if you don’t want to share the value of your CA hostname, but can you please double check that it doesn’t contain any spaces or other characters that would need to be escaped? Using double quotes is usually recommended for these arguments, especially as the single quotes are

Re: Issue securing nifi with ca-server.

Hey Peter! in response to this . Thanks for being quick on your response. I added that -c parameter to the CA server setup, same issue occurs. That "&" i

Re: Issue securing nifi with ca-server.

Hey Henk! On Tue, Jun 5, 2018 at 2:34 AM, Henk Reder wrote: > Hello! > > My names Henk. I'm a web developer working on getting a nifi instance setup > for some integrations. > > Long story short, I setup this nifi deployment configuration back when > 1.5.0 was the latest version. Now that its 1.

Issue securing nifi with ca-server.

Hello! My names Henk. I'm a web developer working on getting a nifi instance setup for some integrations. Long story short, I setup this nifi deployment configuration back when 1.5.0 was the latest version. Now that its 1.6.0 everything works! ...except one thing. I'm currently using tls-toolkit