Further info In the httpd installation, I need the private key for the certificate and it's paraphrase. That private key has not played a part of the NiFi install thus far (seems like an important thing - the "keystore" only has a certificate, not a key)
The reason why I used PKCS12 for the keystore was some Jetty debug output telling me that was preferred to JKS. Interestingly it gave me contrary advice for the trust store. On Sat, 5 May 2018 at 08:22, Phil H <[email protected]> wrote: > Hi Andy, > > Sorry - poor use of words (it was late when I wrote the email). When I > said "client" certificate I meant the certificate for the NiFi server (no > idea why I wrote "client") > > I'm not trying to use certificate authentication yet - simply to get NiFi > operating over TLS. > > When I test with OpenSSL, I get the same Nifi server log output as seen > with a connection attempt from a browser. > > On the Cipher issue, when I use OpenSSL to connect using said certificate > using httpd, it lists the successful cipher as one of those ignored by > Jetty, albeit with less underscores in the onscreen output: > TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 > > All machines involved are CentOS 7 - the only add-ons being Java 1.8 > (current release) and NiFi 1.6.0 (also current release) > > On Sat, 5 May 2018 at 01:26, Andy LoPresto <[email protected]> wrote: > >> Hi Phil, >> >> Sorry to hear you are having this problem. I have a couple steps you can >> try to resolve this. >> >> First, to clarify the terminology for NiFi, a “client certificate” refers >> to a public certificate and private key which in combination allow a client >> to uniquely identify itself and authenticate on a mutual authentication TLS >> connection. In NiFi terminology, the client certificate identifies a user >> or service which connects to NiFi. The “server certificate” identifies the >> NiFi service, and the CA is what signs one (or both) of those certificates. >> >> The “no cipher suites in common” error can occur when there are >> legitimately no cipher suites that both the client and server support. This >> can be verified by using the OpenSSL s_client tool to make a connection >> from the client to the server. I’ve pasted a sample invocation below. >> >> $ openssl s_client -connect <host:port> -debug -state -cert >> <path_to_your_cert.pem> -key <path_to_your_key.pem> -CAfile >> <path_to_your_CA_cert.pem> >> >> However, that error can also appear when the keystore does not contain a >> valid private key to be used. I suspect the keystore you generated for NiFi >> does not have the private key. You can verify this by examining the >> nifi1.crt file you imported. If you run `$ more nifi1.crt`, you should see >> a line “-----BEGIN PRIVATE KEY-----“ and then some Base64-encoded output. >> If you do not see this, you have only the public certificate in the file. >> Importing that into a keystore means that NiFi (or any other service using >> that keystore) will not be able to sign or decrypt any information >> encrypted with the public key, so it won’t be able to support any cipher >> suites that rely on RSA encryption or signatures. >> >> The nifi1.crt you imported into the keystore may also not have the >> complete certificate chain encoded, in which case when the server presents >> that certificate on an incoming connection, the client (command-line or >> browser) won’t be able to verify and trust it. You’ll get a different >> error, but it is something to be aware of. >> >> Is there a reason you chose to use a PKCS12 keystore in this scenario? >> Usually we recommend using JKS for both the keystore and the truststore. >> >> I hope this helps. If none of this resolves your issues, please let us >> know and we can continue to help. >> >> Andy LoPresto >> [email protected] >> *[email protected] <[email protected]>* >> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 >> >> On May 4, 2018, at 4:03 AM, Phil H <[email protected]> wrote: >> >> Hi all, >> >> I am trying to secure my NiFi installation. I have a client certificate >> (nifi1.crt) and the CA for the intranet (ca.crt). I created the trust and >> keystores as below: >> >> keytool -import -trustcacerts -alias nifi1 -file nifi1.crt -keystore >> server_keystore.p12 -storetype PKCS12 >> >> keytool -import -file ca.crt -alias cacert -keystore truststore.jks >> >> And the relevant nifi.properties are set as follows >> >> nifi.security.keystore=./conf/server_keystore.p12 >> nifi.security.keystoreType=PKCS12 >> nifi.security.keystorePasswd=<Password> >> nifi.security.keyPasswd=<Password> >> nifi.security.truststore=./conf/truststore.jks >> nifi.security.truststoreType=JKS >> nifi.security.truststorePasswd=<Password> >> >> When I try and access the site via https, I receive the above error in >> Firefox, and the following in the nifi-bootstrap.log (I have enabled >> additional debugging). >> >> Using both of these certificates inside Apache httpd works on the client >> as >> expected, so the certificates are fine. I have seen some references to >> bugs/features in Jetty under Java 1.8 related to older TLS versions, but >> I'm at a loss to explain this! Help!! >> >> Thanks, >> Phil >> >> 2018-05-04 20:57:17,406 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Using SSLEngineImpl. >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Allow unsafe renegotiation: false >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Allow legacy hello messages: true >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Is initial handshake: true >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Is secure renegotiation: false >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 >> for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 >> for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 >> for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 >> for TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 >> for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for >> TLSv1 >> 2018-05-04 20:57:17,407 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 >> for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 >> for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_256_GCM_SHA384 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 >> for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 >> for TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 >> for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Ignoring unsupported cipher suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 for >> TLSv1.1 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, READ: TLSv1 Handshake, length = 171 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> *** ClientHello, TLSv1.2 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> RandomCookie: GMT: 1840697519 bytes = { 105, 139, 207, 1, 25, 185, 102, >> 192, 232, 71, 128, 61, 66, 104, 220, 248, 126, 53, 133, 115, 216, 129, >> 238, >> 15, 202, 164, 110, 9 } >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Session ID: {} >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, >> TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, >> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0xa9, >> TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, >> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, >> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, Unknown 0xcc:0xa8, >> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, >> TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, >> TLS_RSA_WITH_AES_128_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA] >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Compression Methods: { 0 } >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension server_name, server_name: [type=host_name (0), value=nifi1] >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension extended_master_secret >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension renegotiation_info, renegotiated_connection: <empty> >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension elliptic_curves, curve names: {unknown curve 29, secp256r1, >> secp384r1, secp521r1} >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension ec_point_formats, formats: [uncompressed] >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Unsupported extension type_35, data: >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Unsupported extension type_16, data: >> 00:0c:02:68:32:08:68:74:74:70:2f:31:2e:31 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Unsupported extension status_request, data: 01:00:00:00:00 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> Extension signature_algorithms, signature_algorithms: SHA256withECDSA, >> SHA384withECDSA, SHA512withECDSA, SHA256withRSA, SHA384withRSA, >> SHA512withRSA, SHA1withECDSA, SHA1withRSA >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> *** >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> %% Initialized: [Session-4, SSL_NULL_WITH_NULL_NULL] >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, fatal error: 40: no cipher suites in common >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> javax.net.ssl.SSLHandshakeException: no cipher suites in common >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> %% Invalidated: [Session-4, SSL_NULL_WITH_NULL_NULL] >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, SEND TLSv1.2 ALERT: fatal, description = >> handshake_failure >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, WRITE: TLSv1.2 Alert, length = 2 >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, fatal: engine already closed. Rethrowing >> javax.net.ssl.SSLHandshakeException: no cipher suites in common >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, called closeOutbound() >> 2018-05-04 20:57:17,408 INFO [NiFi logging handler] org.apache.nifi.StdOut >> NiFi Web Server-20, closeOutboundInternal() >> >> >>
