devs, I may be missing something but for some reason I am unable to use RAW protocol in secure mode.
As par documentation I've set: nifi.remote.input.host=node1.textbed.internal nifi.remote.input.secure=true nifi.remote.input.socket.port=54321 nifi.remote.input.http.enabled=false nifi.remote.input.http.transaction.ttl=30 sec I then add the RPG to canvas. Ports get detected. However when I try to enable transmission the whole thing fails. Due to timing and content I suspect the following messages are related: 2016-12-09 00:15:26,306 DEBUG [Site-to-Site Worker Thread-145] o.a.n.r.p.s.SocketFlowFileServerProtocol SocketFlowFileServerProtocol[CommsID=6f1db517-7094-4500-9ad9-b511b6494744] Got Request Type REQUEST_PEER_LIST from Peer[url=nifi://producer.textbed.internal:35868] 2016-12-09 00:15:26,306 DEBUG [Site-to-Site Worker Thread-145] o.a.nifi.remote.SocketRemoteSiteListener Request type from SocketFlowFileServerProtocol[CommsID=6f1db517-7094-4500-9ad9-b511b6494744] is REQUEST_PEER_LIST 2016-12-09 00:15:26,308 INFO [Site-to-Site Worker Thread-145] o.a.n.c.c.n.LeaderElectionNodeProtocolSender Determined that Cluster Coordinator is located at node1.textbed.internal:1221; will use this address for sending heartbeat messages 2016-12-09 00:15:26,450 ERROR [Site-to-Site Worker Thread-145] o.a.nifi.remote.SocketRemoteSiteListener Unable to communicate with remote instance Peer[url=nifi://producer.textbed.internal:35868] (SocketFlowFileServerProtocol[CommsID=6f1db517-7094-4500-9ad9-b511b6494744]) due to java.lang.NullPointerException; closing connection 2016-12-09 00:15:26,456 ERROR [Site-to-Site Worker Thread-145] o.a.nifi.remote.SocketRemoteSiteListener java.lang.NullPointerException: null at org.apache.nifi.remote.SocketRemoteSiteListener$1$1.run(SocketRemoteSiteListener.java:280) ~[nifi-site-to-site-1.1.0.jar:1.1.0] at java.lang.Thread.run(Thread.java:745) [na:1.8.0_101] 2016-12-09 00:15:26,456 DEBUG [Site-to-Site Worker Thread-145] o.a.n.r.p.s.SocketFlowFileServerProtocol SocketFlowFileServerProtocol[CommsID=6f1db517-7094-4500-9ad9-b511b6494744] Shutting down with Peer[url=nifi://producer.textbed.internal:35868] 2016-12-09 00:15:28,591 INFO [Clustering Tasks Thread-3] o.a.n.c.c.ClusterProtocolHeartbeater Heartbeat created at 2016-12-09 00:15:28,483 and sent to node2.textbed.internal:1221 at 2016-12-09 00:15:28,591; send took 108 millis 2016-12-09 00:15:29,573 WARN [NiFi Web Server-280] org.eclipse.jetty.http.HttpParser Illegal character 0x0 in state=METHOD for buffer HeapByteBuffer@5c3ed51[p=5,l=32,c=17408,r=27]={NiFi\x00<<<\x16SocketFlowFileProtocol\x00\x00\x00\x06>>>1.1\r\nAccept: appl...\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00} On the client side (I am using MiNiFi as it is faster to debug) I can see (with debugging enabled): 2016-12-09 00:17:23,664 DEBUG [NiFi Site-to-Site Connection Pool Maintenance] o.apache.nifi.remote.client.PeerSelector java.io.IOException: Unable to communicate with remote NiFi cluster in order to determine which nodes exist in the remote cluster at org.apache.nifi.remote.client.PeerSelector.fetchRemotePeerStatuses(PeerSelector.java:392) at org.apache.nifi.remote.client.PeerSelector.refreshPeers(PeerSelector.java:346) at org.apache.nifi.remote.client.socket.EndpointConnectionPool$2.run(EndpointConnectionPool.java:127) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Suppressed: java.io.IOException: Channel is closed at org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.read(SSLSocketChannel.java:573) at org.apache.nifi.remote.io.socket.ssl.SSLSocketChannelInputStream.read(SSLSocketChannelInputStream.java:46) at org.apache.nifi.stream.io.ByteCountingInputStream.read(ByteCountingInputStream.java:51) at org.apache.nifi.stream.io.BufferedInputStream.fill(BufferedInputStream.java:206) at org.apache.nifi.stream.io.BufferedInputStream.read(BufferedInputStream.java:227) at java.io.DataInputStream.readInt(DataInputStream.java:387) at org.apache.nifi.remote.protocol.socket.SocketClientProtocol.getPeerStatuses(SocketClientProtocol.java:225) at org.apache.nifi.remote.client.socket.EndpointConnectionPool.fetchRemotePeerStatuses(EndpointConnectionPool.java:404) at org.apache.nifi.remote.client.PeerSelector.fetchRemotePeerStatuses(PeerSelector.java:379) ... 9 common frames omitted I have run openssl s_client and the TLS connection itself seems to proceed New, TLSv1/SSLv3, Cipher ... Verify return code: 0 (ok) --- GET / HTTP/1.0 ... Note about the HTTP request. This is on purpose: Since I know HTTP S2S works, I tried it by entering into what should be a violation of the protocol and it seems to work: 2016-12-08 23:01:28,142 ERROR [Site-to-Site Worker Thread-297] o.a.nifi.remote.SocketRemoteSiteListener Unable to communicate with remote instance null due to org.apache.nifi.remote.exception.HandshakeException: Handshake with nifi://producer.testbed.internal:12345 failed because the Magic Header was not present; closing connection I noticed from the trace above that a NPE happens when SocketRemoteSiteListener makes a call to https://github.com/apache/nifi/blob/master/nifi-commons/nifi-properties/src/main/java/org/apache/nifi/util/NiFiProperties.java#L412 public Integer getRemoteInputHttpPort() { if (!isSiteToSiteHttpEnabled()) { return null; } Is this expected?