Hi Josef, I don't have a solution for you but it seems it has already been reported and a JIRA has been opened: https://issues.apache.org/jira/browse/NIFI-5370
Andy might be able to give more insights about it. Pierre 2018-07-05 13:19 GMT+02:00 Josefz <[email protected]>: > Hi expert > > I've just done an upgrade from NiFi 1.5.0 to 1.7.0 in a SSL secured cluster > with LDAP authentication. Now I'm not anymore able to login into the > webgui. > After I have entered the login/password I'm getting the following message: > > > > And nifi-app.log reports the following error messages: > > > > I'm having a wildcard SSL certificate and I'm using the same > keystore/truststore combination for three usecases: > - for cluster connectivity (in nifi.properties) > - in "authorizer.xml" > - in "login-identity-providers.xml". > > The keystore.jks (private/public) keypair has been signed by our internal > root CA and the root CA cert has been imported into the truststore.jks. As > the ldap login works with certificates I'm more or less sure that the certs > in general are fine. Has anybody an idea if wildcard CN and SAN names > should > work in a cluster or where the problem could be? I've tried the same certs > as well in standalone mode, no issue at all. > > The following parameters in nifi.properties are enabled: > nifi.security.needClientAuth=true > nifi.cluster.protocol.is.secure=true > > Thanks in advance > > > > > -- > Sent from: http://apache-nifi-developer-list.39713.n7.nabble.com/ >
