Yep, certificate is fine. I ended up changing the cluster.load.balance.host
to the IP address and everything worked fine. The cluster UI in nifi
identifies the server by its FQDN. Good enough!

Total mystery though.

On Wed, 4 Dec 2019 at 21:21, Andy LoPresto <alopre...@apache.org> wrote:

> Hi Phil,
>
> Are you sure that the certificates have valid SubjectAlternativeName
> entries for the proper hostnames?
>
> Andy LoPresto
> alopre...@apache.org
> alopresto.apa...@gmail.com
> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
>
> > On Dec 3, 2019, at 7:53 PM, Phil H <gippyp...@gmail.com> wrote:
> >
> > Okay thanks I’ll check that state/local thing out.
> >
> > Drilling a little further on the main issue, it seems to boil down to
> NiFi
> > on Server B having an UnknownHostException for the FQDN for Server B. I
> am
> > just using /etc/hosts for the naming (no DNS in our server enclave) and
> of
> > course I have confirmed spelling, etc. I even wrote a two line Java
> program
> > that calls InetAddress.getAllByName, and passing it the same FQDN (copies
> > and pasted from the nifi stack trace) resolves without a problem. So now
> I
> > am really confused. I have rebooted Server B and that didn’t change
> > anything. I also tried an alternate FQDN and that has the same behavior
> on
> > Server B
> >
> > Really confused now!
> >
> > On Wed, 4 Dec 2019 at 01:14, Bryan Bende <bbe...@gmail.com> wrote:
> >
> >> Hello,
> >>
> >> To get rid of the old values from before securing your cluster, remove
> >> the state/local directory on both servers (assuming you don't have any
> >> processor state that you care about since this is a new cluster).
> >>
> >> For the other issue, is there a stacktrace with more info?
> >>
> >> Thanks,
> >>
> >> Bryan
> >>
> >> On Mon, Dec 2, 2019 at 7:14 PM Phil H <gippyp...@gmail.com> wrote:
> >>>
> >>> Hi there,
> >>>
> >>> I (almost) have a secure nifi 1.9.2 cluster of two servers. Server A
> >> starts
> >>> up fine, but Server B fails to start with this error (I cannot
> copy/paste
> >>> as it is an offline system)
> >>>
> >>> Could not start listening for incoming connections in order to load
> >> balance
> >>> data across the cluster. Please verify the values of
> >>> ‘nifi.cluster.load.balance.port’ and ‘ nifi.cluster.load.balance.host’
> >>> property as well as the ‘nifi.security.*’ properties
> >>>
> >>> The config between the two servers are identical, apart from the
> >> respective
> >>> host names, and there are no other applications trying to bind on any
> of
> >>> the ports on Server B. I have also tried changing ports in case it was
> >>> something simple like that.
> >>>
> >>> Additionally, when restarting Server A, I occasionally see references
> to
> >>> cluster members from before I had the secure config (eg: IP address /
> >> port
> >>> 80) - how do I expunge any prior info regarding cluster members and
> start
> >>> again with the two servers I now have??
> >>>
> >>>
> >>> Regards,
> >>> Phil
> >>
>
>

Reply via email to