Hi Mark, I believe SSL ZK connections are only supported in 3.5.0+ [1] and currently NiFi uses ZK 3.4.6 [2]. I don’t know the details on making a TLS connection to ZK, but my first thoughts would be to update the host/port combination in your NiFi configs to reference the ZK HTTPS port, and ensure that the certificate(s) used to identify ZK are in your NiFi truststore.
This warrants raising a Jira to request the feature. Thanks. [1] http://zookeeper-user.578899.n2.nabble.com/SSL-between-java-client-and-zookeeper-td7582421.html <http://zookeeper-user.578899.n2.nabble.com/SSL-between-java-client-and-zookeeper-td7582421.html> [2] https://github.com/apache/nifi/blob/master/pom.xml#L748 <https://github.com/apache/nifi/blob/master/pom.xml#L748> Andy LoPresto [email protected] [email protected] PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Oct 31, 2017, at 11:37 AM, Mark Bean <[email protected]> wrote: > > Has anyone setup zookeeper connections for a NiFi Cluster over SSL? We have > ZK itself running over SSL. How do we get the NiFi to ZK connections > secure? Is this possible? Advice, suggestions and/or documentation greatly > appreciated. > > Thanks, > Mark
signature.asc
Description: Message signed with OpenPGP using GPGMail
