Hey All, Figured I'd shoot off an email before looking into issue reporting, in case this is a product of my own stupidity rather than an actual bug.
I'm trying to get MiNiFi communicating with a NiFi cluster on an internal network running with SSL. I'm able to connect to NiFi from a web browser after importing the correct certificates, but attempting to actually transfer a file with minifi produces the following result: [2018-02-09 15:45:55.136] [main] [info] MiNiFi started [2018-02-09 15:45:57.923] [org::apache::nifi::minifi::processors::GetFile] [info] GetFile process /home/jonah/optimus/data/dynamic/ready_logs/testcopy2.txt [2018-02-09 15:45:58.339] [org::apache::nifi::minifi::utils::HTTPClient] [debug] Setting callback for [2018-02-09 15:45:58.401] [org::apache::nifi::minifi::core::ProcessSession] [info] Transferring 3b086abc-0dda-11e8-ab09-c85b769e9522 from GetFile to relationship success [2018-02-09 15:45:58.438] [org::apache::nifi::minifi::RemoteProcessorGroupPort] [debug] Refreshing the peer list since there are none configured. [2018-02-09 15:45:58.439] [org::apache::nifi::minifi::utils::HTTPClient] [debug] https://rs0.internal.optimusride.com:9093/nifi-api/site-to-site is a secure url [2018-02-09 15:45:58.439] [org::apache::nifi::minifi::utils::HTTPClient] [debug] Submitting to https://rs0.internal.optimusride.com:9093/nifi-api/site-to-site [2018-02-09 15:45:58.553] [org::apache::nifi::minifi::utils::HTTPClient] [error] curl_easy_perform() failed Peer certificate cannot be authenticated with given CA certificates [2018-02-09 15:45:58.553] [org::apache::nifi::minifi::RemoteProcessorGroupPort] [error] ProcessGroup::refreshRemoteSite2SiteInfo -- curl_easy_perform() failed [2018-02-09 15:45:58.553] [org::apache::nifi::minifi::RemoteProcessorGroupPort] [debug] Obtained protocol from available_protocols_ [2018-02-09 15:45:58.553] [org::apache::nifi::minifi::RemoteProcessorGroupPort] [info] no protocol, yielding [2018-02-09 15:46:01.541] [org::apache::nifi::minifi::utils::HTTPClient] [debug] Setting callback for [2018-02-09 15:46:02.701] [org::apache::nifi::minifi::FlowController] [info] Stop Flow Controller [2018-02-09 15:46:04.748] [org::apache::nifi::minifi::utils::HTTPClient] [debug] Setting callback for [2018-02-09 15:46:05.137] [org::apache::nifi::minifi::FlowController] [info] Unload Flow Controller [2018-02-09 15:46:05.137] [main] [info] MiNiFi exit I'm not entirely sure what I'm doing wrong here, I'm fairly sure my certificate setup is fine. NiFi's keystore has a cert/private key signed by a CA i self-signed and created locally, it's truststore has the public key that corresponds to the client certificate and private key on MiNiFi, and MiNiFi has the certificate used to sign the one in NiFi's keystore. The best guess I have stems from the fact that the log message <url> is a secure url occurs, but the message that configure_secure_connection(CURL *http_session) should play if it runs doesn't come up, which leads me to beleive that ssl_context_service_ isn't initialized properly for some reason (see line 129 in /extensions/http-curl/HTTPClient.cpp, only place I see either of those methods called). Let me know if you have any insight on this, frankly I haven't found much documentation on the SSL setup for MiNiFi at all, so it's totally possible I did something horribly wrong there. I'd also be happy to make a bug report if y'all think this warrants one. Best, Jonah.
