Dear Nathan,
I have changed the port for nifi-registry but I have the same result
==> nifi-registry-app.log <==
at com.ctc.wstx.sr.StreamScanner.throwUnexpectedChar(StreamScanner.java:666)
at com.ctc.wstx.sr.BasicStreamReader.readEndElem(BasicStreamReader.java:3323)
at com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2920)
at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1122)
at
com.sun.xml.bind.v2.runtime.unmarshaller.StAXStreamConnector.bridge(StAXStreamConnector.java:166)
at
com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:385)
... 111 common frames omitted
2023-01-16 12:22:01,019 INFO [Thread-0] org.apache.nifi.registry.NiFiRegistry
Initiating shutdown of Jetty web server...
2023-01-16 12:22:01,023 INFO [Thread-0]
o.eclipse.jetty.server.AbstractConnector Stopped ServerConnector@350aac89{SSL,
(ssl, http/1.1)}{192.168.74.233:19443}
2023-01-16 12:22:01,023 INFO [Thread-0] org.eclipse.jetty.server.session node0
Stopped scavenging
==> nifi-registry-app_2023-01-16_11.0.log <==
2023-01-16 11:59:13,594 INFO [main] o.eclipse.jetty.server.AbstractConnector
Started ServerConnector@4da4253{HTTP/1.1, (http/1.1)}{:18080}
2023-01-16 11:59:13,594 INFO [main] org.eclipse.jetty.server.Server Started
@16433ms
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
NiFi Registry has started. The UI is available at the following URLs:
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
http://192.168.74.233:18080/nifi-registry
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
http://172.18.0.1:18080/nifi-registry
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
http://172.17.0.1:18080/nifi-registry
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
http://172.19.0.1:18080/nifi-registry
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer
http://127.0.0.1:18080/nifi-registry
2023-01-16 11:59:13,597 INFO [main] o.apache.nifi.registry.BootstrapListener
Successfully initiated communication with Bootstrap
2023-01-16 11:59:13,597 INFO [main] org.apache.nifi.registry.NiFiRegistry
Registry initialization took 12831133795 nanoseconds (12 seconds).
==> nifi-registry-bootstrap.log <==
2023-01-16 12:21:53,713 INFO [NiFi logging handler]
org.apache.nifi.registry.StdOut |_| \___|\__, |_|___/\__|_| \__, |
2023-01-16 12:21:53,713 INFO [NiFi logging handler]
org.apache.nifi.registry.StdOut ==========|___/================|___/=
2023-01-16 12:21:53,713 INFO [NiFi logging handler]
org.apache.nifi.registry.StdOut v
2023-01-16 12:21:53,713 INFO [NiFi logging handler]
org.apache.nifi.registry.StdOut
2023-01-16 12:21:57,582 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is currently running, listening to Bootstrap on port
42781, PID=234707
2023-01-16 12:22:01,018 ERROR [NiFi logging handler]
org.apache.nifi.registry.StdErr Failed to start web server:
org.springframework.beans.factory.UnsatisfiedDependencyException: Error
creating bean with name 'accessPolicyResource' defined in file
[/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/classes/org/apache/nifi/registry/web/api/AccessPolicyResource.class]:
Unsatisfied dependency expressed through constructor parameter 0; nested
exception is org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'standardServiceFacade' defined in file
[/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/classes/org/apache/nifi/registry/web/service/StandardServiceFacade.class]:
Unsatisfied dependency expressed through constructor parameter 2; nested
exception is org.springframework.beans.factory.UnsatisfiedDependencyException:
Error creating bean with name 'authorizationService' defined in URL
[jar:file:/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/lib/nifi-registry-framework-1.19.0.jar!/org/apache/nifi/registry/service/AuthorizationService.class]:
Unsatisfied dependency expressed through constructor parameter 1; nested
exception is org.springframework.beans.factory.BeanCreationException: Error
creating bean with name 'getAuthorizer' defined in class path resource
[org/apache/nifi/registry/security/authorization/AuthorizerFactory.class]: Bean
instantiation via factory method failed; nested exception is
org.springframework.beans.BeanInstantiationException: Failed to instantiate
[org.apache.nifi.registry.security.authorization.Authorizer]: Factory method
'getAuthorizer' threw exception; nested exception is
org.apache.nifi.registry.security.authorization.AuthorizerFactoryException:
Failed to construct Authorizer.
2023-01-16 12:22:01,018 ERROR [NiFi logging handler]
org.apache.nifi.registry.StdErr Shutting down...
2023-01-16 12:22:02,346 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is running at PID 234707 but is not responding to ping
requests
2023-01-16 12:22:02,719 INFO [main] o.a.n.registry.bootstrap.RunNiFiRegistry
NiFi Registry never started. Will not restart NiFi Registry
2023-01-16 12:22:06,990 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is not running
==> nifi-registry-event.log <==
At the moment, nifi-registry its running over http only. With https persist
this problem.
Do you have another suggestion about this topic ?
Best Regards.
From: "Nathan Gough" <thena...@apache.org>
To: "dev" <dev@nifi.apache.org>
Cc: "ANTHONY YOSHIHITO ADACHI CORDERO" <aada...@telconet.ec>, "EDISON FABRICIO
NARANJO ESPIN" <efnara...@telconet.ec>
Sent: Thursday, January 12, 2023 12:52:58 PM
Subject: Re: Problem with NIFI registry using ssl certificates
It looks like NiFi Registry is already running on [ http://127.0.0.1:19443/ |
127.0.0.1:19443 ] ? Attempts to start it again are showing failing to bind in
the bootstrap log:
2023-01-12 11:02:58,113 ERROR [NiFi logging handler]
org.apache.nifi.registry.StdErr Failed to start web server: Failed to bind to
127.0.0.1 :19443
I suggest trying a different bind port or figuring out why you're unable to
bind on the interface/address/hostname you've chosen. You might already have a
registry instance running or some other service. If running linux you should be
able to check with sudo lsof -i -P -n | grep 19443
If the registry service is running but you're unable to access it, I would kill
the process and try and start registry up again.
As far as I can tell your authorizers.xml file is fine.
Nathan
On Thu, Jan 12, 2023 at 11:23 AM EDISON FABRICIO NARANJO ESPIN < [
mailto:efnara...@telconet.ec | efnara...@telconet.ec ] > wrote:
Dear Nathan,
This is the output when nifi registry starts. The service stays active for
around 20 seconds and then stops working.
1:06 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh start
Java home: /usr/lib/jvm/java-11-openjdk-amd64/
NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0
Bootstrap Config File:
/home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf
11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status
Java home: /usr/lib/jvm/java-11-openjdk-amd64/
NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0
Bootstrap Config File:
/home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf
2023-01-12 11:07:08,260 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is currently running, listening to Bootstrap on port
42503, PID=15011
11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status
Java home: /usr/lib/jvm/java-11-openjdk-amd64/
NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0
Bootstrap Config File:
/home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf
2023-01-12 11:07:12,839 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is currently running, listening to Bootstrap on port
42503, PID=15011
11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status
Java home: /usr/lib/jvm/java-11-openjdk-amd64/
NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0
Bootstrap Config File:
/home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf
2023-01-12 11:07:17,734 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is currently running, listening to Bootstrap on port
42503, PID=15011
11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status
Java home: /usr/lib/jvm/java-11-openjdk-amd64/
NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0
Bootstrap Config File:
/home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf
2023-01-12 11:07:24,044 INFO [main] o.apache.nifi.registry.bootstrap.Command
Apache NiFi Registry is not running
Additionally, I send the logs and the files nifi-registry.properties and
authorizers.xml
Best Regards,
From: "Nathan Gough" < [ mailto:thena...@apache.org | thena...@apache.org ] >
To: "dev" < [ mailto:dev@nifi.apache.org | dev@nifi.apache.org ] >
Cc: "ANTHONY YOSHIHITO ADACHI CORDERO" < [ mailto:aada...@telconet.ec |
aada...@telconet.ec ] >, "EDISON FABRICIO NARANJO ESPIN" < [
mailto:efnara...@telconet.ec | efnara...@telconet.ec ] >
Sent: Thursday, January 12, 2023 10:03:08 AM
Subject: Re: Problem with NIFI registry using ssl certificates
Those parts of the config look fine.
Can you share more of the failure log message and/or your
nifi-registry.properties file?
On Thu, Jan 12, 2023, 9:34 AM EDISON FABRICIO NARANJO ESPIN < [
mailto:efnara...@telconet.ec | efnara...@telconet.ec ] > wrote:
BQ_BEGIN
Dear Nathan
This is the configuration
nifi.registry.web.http.host=
nifi.registry.web.http.port=
nifi.registry.web.https.host=127.0.0.1
nifi.registry.web.https.port=19443
Best Regards,
From: "Nathan Gough" < [ mailto:thena...@apache.org | thena...@apache.org ] >
To: "dev" < [ mailto:dev@nifi.apache.org | dev@nifi.apache.org ] >
Cc: "EDISON FABRICIO NARANJO ESPIN" < [ mailto:efnara...@telconet.ec |
efnara...@telconet.ec ] >, "ANTHONY YOSHIHITO ADACHI CORDERO" < [
mailto:aada...@telconet.ec | aada...@telconet.ec ] >
Sent: Wednesday, January 11, 2023 6:35:23 PM
Subject: Re: Problem with NIFI registry using ssl certificates
Hi Edison,
It sounds like your nifi-registry.properties file may have issues. Can you
share this section of configuration nifi.registry.web.https.host=?
nifi.registry.web.https.port=?
This guide should be able to help:
[
https://fm.telconet.net/fmlurlsvc/?fewReq=:B:JVs5MjYyOSV1PjEtMyVqZz4zMjkzMiVwamRtYnd2cWY+MTE2NDUzOjdnNjE3OjpiMDU1ZzFhZjY1MjdgZTU2YWdhNjUwZmA7ZyV3PjI1NDA3OzMyNTslcmpnPjAzQU1iNE9iMzE6NTE2LjAzQU1iNE9gMzE6NTE2JXFgc3c+ZmVtYnFibWlsQ3dmb2BsbWZ3LWZgJWA+NjEla2dvPjM=&url=https%3a%2f%2fcommunity.cloudera.com%2ft5%2fCommunity-Articles%2fSetting-Up-a-Secure-Apache-NiFi-Registry%2fta-p%2f247753
|
https://community.cloudera.com/t5/Community-Articles/Setting-Up-a-Secure-Apache-NiFi-Registry/ta-p/247753
]
There may be more exception information you can share with us that's
above/below the message you provided.
Nathan
On Wed, Jan 11, 2023, 6:21 PM EDISON FABRICIO NARANJO ESPIN < [
mailto:efnara...@telconet.ec | efnara...@telconet.ec ] > wrote:
BQ_BEGIN
Dear,
After configuring the security parameters in the nifi registry, its operation
cannot be started since the logs indicate that the jetty web server could not
be started. Is there a solution for this issue or you must work with a special
version of the product so that it can be deployed with https.
Attached log output
==> nifi-registry-app_2023-01-11_12.0.log <==
at
org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:344)
... 9 common frames omitted
Caused by: java.nio.channels.UnresolvedAddressException: null
at java.base/sun.nio.ch.Net.checkAddress(Net.java:131)
at
java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:222)
at java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80)
... 10 common frames omitted
2023-01-11 12:56:44,477 INFO [Thread-0] org.apache.nifi.registry.NiFiRegistry
Initiating shutdown of Jetty web server...
2023-01-11 12:56:44,479 INFO [Thread-0]
o.eclipse.jetty.server.AbstractConnector Stopped ServerConnector@19e4653c{SSL,
(ssl, http/1.1)}{localhost :18443}
2023-01-11 12:56:44,479 INFO [Thread-0] org.eclipse.jetty.server.session node0
Stopped scavenging
Best regards,
--
Edison F. Naranjo E.
Seguridad Lógica
TELCONET LATAM
Cel: +593998608233
Quito-Ecuador
[ mailto:efnara...@telconet.ec | efnara...@telconet.ec ]
Toda la información contenida en este correo electrónico es confidencial y
podrá ser usada únicamente por los destinatarios. No imprimir a menos que sea
imprescindible.
--
Edison F. Naranjo E.
Seguridad Lógica
TELCONET LATAM
Quito-Ecuador
[ mailto:efnara...@telconet.ec | efnara...@telconet.ec ]
Toda la información contenida en este correo electrónico es confidencial y
podrá ser usada únicamente por los destinatarios. No imprimir a menos que sea
imprescindible.
BQ_END
--
Edison F. Naranjo E.
Seguridad Lógica
TELCONET LATAM
Quito-Ecuador
[ mailto:efnara...@telconet.ec | efnara...@telconet.ec ]
Toda la información contenida en este correo electrónico es confidencial y
podrá ser usada únicamente por los destinatarios. No imprimir a menos que sea
imprescindible.
BQ_END
--
Edison F. Naranjo E.
Seguridad Lógica
TELCONET LATAM
Quito-Ecuador
efnara...@telconet.ec
Toda la información contenida en este correo electrónico es confidencial y
podrá ser usada únicamente por los destinatarios. No imprimir a menos que sea
imprescindible.
