Hi All I have installed nifi on Hortonworks cluster in Azure cloud. Everting works just fine with non-secured mode (http). In this mode multiple users cannot work on different templates. I followed the documentation (https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#security-configuration).
Question: For multiple users to work on different templates is it mandatory to enable https connection enabled? Referring to (http://wiki.eclipse.org/Jetty/Howto/Configure_SSL) I have created keystore and trust store. My security setting of nifi.properties file look as below. nifi.security.keystore=/home/hortonhdp/nifi-0.3.0/keystore nifi.security.keystoreType=JKS nifi.security.keystorePasswd=nifi123 nifi.security.keyPasswd=nifi123 nifi.security.truststore=/home/hortonhdp/nifi-0.3.0/keystore nifi.security.truststoreType=JKS nifi.security.truststorePasswd=nifi123 nifi.security.needClientAuth=true nifi.security.user.credential.cache.duration=24 hours nifi.security.user.authority.provider=file-provider nifi.security.support.new.account.requests= nifi.security.ocsp.responder.url= nifi.security.ocsp.responder.certificate= >From the browser I get ERR_CONNECTION_CLOSED error. When I try to connect to nifi using curl locally on the server itself. I get below error curl --verbose --insecure https://sandbox.hortonworks.com:8089/nifi * About to connect() to sandbox.hortonworks.com port 8089 (#0) * Trying 10.0.0.4... connected * Connected to sandbox.hortonworks.com (10.0.0.4) port 8089 (#0) * Initializing NSS with certpath: sql:/etc/pki/nssdb * warning: ignoring value of ssl.verifyhost * skipping SSL peer certificate verification * NSS: client certificate not found (nickname not specified) * NSS error -5938 * Closing connection #0 curl: (35) NSS: client certificate not found (nickname not specified) Also enabled DEBUG mode in logback.xml to see any issue. But I don’t see any errors related to jetty security. Is there a clear documentation on how to generate the keystore/truststore. Is secured connections (https) tested on cloud/Azure. How can I enable multiple users to access nifi without https mode? Thanks in advance -- View this message in context: http://apache-nifi-developer-list.39713.n7.nabble.com/https-connection-fails-with-ERR-CONNECTION-CLOSED-tp4833.html Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.
