I can't quite say what exactly is going wrong, but it seems there's potentially a problem with your authorizers/authorizations file in addition to nifi-registry.properties? I'm not sure why registry is listening on multiple interfaces (when you've only specified localhost):
2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer http://192.168.74.233:18080/nifi-registry 2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer http://172.18.0.1:18080/nifi-registry 2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer http://172.17.0.1:18080/nifi-registry 2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer http://172.19.0.1:18080/nifi-registry 2023-01-16 11:59:13,595 INFO [main] o.apache.nifi.registry.jetty.JettyServer http://127.0.0.1:18080/nifi-registry Are you able to share your nifi-registry.properties file? There must be something wrong in there.. I would again suggest going through this guide and automatically generate these configs to get things running or compare to yours: https://community.cloudera.com/t5/Community-Articles/Setting-Up-a-Secure-Apache-NiFi-Registry/ta-p/247753 You might also like to try the apache NiFi slack channel apachenifi.slack.com for quicker feedback. On Mon, Jan 16, 2023, 12:34 PM EDISON FABRICIO NARANJO ESPIN < efnara...@telconet.ec> wrote: > > Dear Nathan, > > I have changed the port for nifi-registry but I have the same result > > ==> nifi-registry-app.log <== > at > com.ctc.wstx.sr.StreamScanner.throwUnexpectedChar(StreamScanner.java:666) > at > com.ctc.wstx.sr.BasicStreamReader.readEndElem(BasicStreamReader.java:3323) > at > com.ctc.wstx.sr.BasicStreamReader.nextFromTree(BasicStreamReader.java:2920) > at com.ctc.wstx.sr.BasicStreamReader.next(BasicStreamReader.java:1122) > at > com.sun.xml.bind.v2.runtime.unmarshaller.StAXStreamConnector.bridge(StAXStreamConnector.java:166) > at > com.sun.xml.bind.v2.runtime.unmarshaller.UnmarshallerImpl.unmarshal0(UnmarshallerImpl.java:385) > ... 111 common frames omitted > 2023-01-16 12:22:01,019 INFO [Thread-0] > org.apache.nifi.registry.NiFiRegistry Initiating shutdown of Jetty web > server... > 2023-01-16 12:22:01,023 INFO [Thread-0] > o.eclipse.jetty.server.AbstractConnector Stopped ServerConnector@350aac89{SSL, > (ssl, http/1.1)}{192.168.74.233:19443} > 2023-01-16 12:22:01,023 INFO [Thread-0] org.eclipse.jetty.server.session > node0 Stopped scavenging > > ==> nifi-registry-app_2023-01-16_11.0.log <== > 2023-01-16 11:59:13,594 INFO [main] > o.eclipse.jetty.server.AbstractConnector Started > ServerConnector@4da4253{HTTP/1.1, > (http/1.1)}{:18080} > 2023-01-16 11:59:13,594 INFO [main] org.eclipse.jetty.server.Server > Started @16433ms > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer NiFi Registry has started. The UI > is available at the following URLs: > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer > http://192.168.74.233:18080/nifi-registry > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer > http://172.18.0.1:18080/nifi-registry > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer > http://172.17.0.1:18080/nifi-registry > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer > http://172.19.0.1:18080/nifi-registry > 2023-01-16 11:59:13,595 INFO [main] > o.apache.nifi.registry.jetty.JettyServer > http://127.0.0.1:18080/nifi-registry > 2023-01-16 11:59:13,597 INFO [main] > o.apache.nifi.registry.BootstrapListener Successfully initiated > communication with Bootstrap > 2023-01-16 11:59:13,597 INFO [main] org.apache.nifi.registry.NiFiRegistry > Registry initialization took 12831133795 nanoseconds (12 seconds). > > ==> nifi-registry-bootstrap.log <== > 2023-01-16 12:21:53,713 INFO [NiFi logging handler] > org.apache.nifi.registry.StdOut |_| \___|\__, |_|___/\__|_| \__, | > 2023-01-16 12:21:53,713 INFO [NiFi logging handler] > org.apache.nifi.registry.StdOut ==========|___/================|___/= > 2023-01-16 12:21:53,713 INFO [NiFi logging handler] > org.apache.nifi.registry.StdOut v > 2023-01-16 12:21:53,713 INFO [NiFi logging handler] > org.apache.nifi.registry.StdOut > 2023-01-16 12:21:57,582 INFO [main] > o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is currently > running, listening to Bootstrap on port 42781, PID=234707 > 2023-01-16 12:22:01,018 ERROR [NiFi logging handler] > org.apache.nifi.registry.StdErr Failed to start web server: > org.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name 'accessPolicyResource' defined in file > [/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/classes/org/apache/nifi/registry/web/api/AccessPolicyResource.class]: > Unsatisfied dependency expressed through constructor parameter 0; nested > exception is > org.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name 'standardServiceFacade' defined in file > [/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/classes/org/apache/nifi/registry/web/service/StandardServiceFacade.class]: > Unsatisfied dependency expressed through constructor parameter 2; nested > exception is > org.springframework.beans.factory.UnsatisfiedDependencyException: Error > creating bean with name 'authorizationService' defined in URL > [jar:file:/home/netadmin/nifi-registry-1.19.0/work/jetty/nifi-registry-web-api-1.19.0.war/webapp/WEB-INF/lib/nifi-registry-framework-1.19.0.jar!/org/apache/nifi/registry/service/AuthorizationService.class]: > Unsatisfied dependency expressed through constructor parameter 1; nested > exception is org.springframework.beans.factory.BeanCreationException: Error > creating bean with name 'getAuthorizer' defined in class path resource > [org/apache/nifi/registry/security/authorization/AuthorizerFactory.class]: > Bean instantiation via factory method failed; nested exception is > org.springframework.beans.BeanInstantiationException: Failed to instantiate > [org.apache.nifi.registry.security.authorization.Authorizer]: Factory > method 'getAuthorizer' threw exception; nested exception is > org.apache.nifi.registry.security.authorization.AuthorizerFactoryException: > Failed to construct Authorizer. > 2023-01-16 12:22:01,018 ERROR [NiFi logging handler] > org.apache.nifi.registry.StdErr Shutting down... > 2023-01-16 12:22:02,346 INFO [main] > o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is running at > PID 234707 but is not responding to ping requests > 2023-01-16 12:22:02,719 INFO [main] > o.a.n.registry.bootstrap.RunNiFiRegistry NiFi Registry never started. Will > not restart NiFi Registry > 2023-01-16 12:22:06,990 INFO [main] > o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is not running > > ==> nifi-registry-event.log <== > > > At the moment, nifi-registry its running over http only. With https > persist this problem. > > Do you have another suggestion about this topic ? > > Best Regards. > > ------------------------------ > *From: *"Nathan Gough" <thena...@apache.org> > *To: *"dev" <dev@nifi.apache.org> > *Cc: *"ANTHONY YOSHIHITO ADACHI CORDERO" <aada...@telconet.ec>, "EDISON > FABRICIO NARANJO ESPIN" <efnara...@telconet.ec> > *Sent: *Thursday, January 12, 2023 12:52:58 PM > *Subject: *Re: Problem with NIFI registry using ssl certificates > > It looks like NiFi Registry is already running on 127.0.0.1:19443? > Attempts to start it again are showing failing to bind in the bootstrap log: > > 2023-01-12 11:02:58,113 ERROR [NiFi logging handler] > org.apache.nifi.registry.StdErr Failed to start web server: Failed to bind to > 127.0.0.1 :19443 > > > I suggest trying a different bind port or figuring out why you're unable > to bind on the interface/address/hostname you've chosen. You might already > have a registry instance running or some other service. If running linux > you should be able to check with sudo lsof -i -P -n | grep 19443 > > If the registry service is running but you're unable to access it, I would > kill the process and try and start registry up again. > > As far as I can tell your authorizers.xml file is fine. > > Nathan > > > On Thu, Jan 12, 2023 at 11:23 AM EDISON FABRICIO NARANJO ESPIN < > efnara...@telconet.ec> wrote: > >> Dear Nathan, >> >> This is the output when nifi registry starts. The service stays active >> for around 20 seconds and then stops working. >> >> >> 1:06 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh start >> >> Java home: /usr/lib/jvm/java-11-openjdk-amd64/ >> NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0 >> >> Bootstrap Config File: >> /home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf >> >> >> 11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status >> >> Java home: /usr/lib/jvm/java-11-openjdk-amd64/ >> NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0 >> >> Bootstrap Config File: >> /home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf >> >> 2023-01-12 11:07:08,260 INFO [main] >> o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is currently >> running, listening to Bootstrap on port 42503, PID=15011 >> >> 11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status >> >> Java home: /usr/lib/jvm/java-11-openjdk-amd64/ >> NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0 >> >> Bootstrap Config File: >> /home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf >> >> 2023-01-12 11:07:12,839 INFO [main] >> o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is currently >> running, listening to Bootstrap on port 42503, PID=15011 >> >> 11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status >> >> Java home: /usr/lib/jvm/java-11-openjdk-amd64/ >> NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0 >> >> Bootstrap Config File: >> /home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf >> >> 2023-01-12 11:07:17,734 INFO [main] >> o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is currently >> running, listening to Bootstrap on port 42503, PID=15011 >> >> 11:07 edinaranjoespin@EFNARANJO-LT:bin $./nifi-registry.sh status >> >> Java home: /usr/lib/jvm/java-11-openjdk-amd64/ >> NiFi Registry home: /home/edinaranjoespin/NiFi/nifi-registry-1.19.0 >> >> Bootstrap Config File: >> /home/edinaranjoespin/NiFi/nifi-registry-1.19.0/conf/bootstrap.conf >> >> 2023-01-12 11:07:24,044 INFO [main] >> o.apache.nifi.registry.bootstrap.Command Apache NiFi Registry is not running >> >> >> Additionally, I send the logs and the files nifi-registry.properties and >> authorizers.xml >> >> Best Regards, >> ------------------------------ >> *From: *"Nathan Gough" <thena...@apache.org> >> *To: *"dev" <dev@nifi.apache.org> >> *Cc: *"ANTHONY YOSHIHITO ADACHI CORDERO" <aada...@telconet.ec>, "EDISON >> FABRICIO NARANJO ESPIN" <efnara...@telconet.ec> >> *Sent: *Thursday, January 12, 2023 10:03:08 AM >> *Subject: *Re: Problem with NIFI registry using ssl certificates >> >> Those parts of the config look fine. >> Can you share more of the failure log message and/or your >> nifi-registry.properties file? >> >> >> >> On Thu, Jan 12, 2023, 9:34 AM EDISON FABRICIO NARANJO ESPIN < >> efnara...@telconet.ec> wrote: >> >>> Dear Nathan >>> >>> This is the configuration >>> >>> nifi.registry.web.http.host= >>> nifi.registry.web.http.port= >>> nifi.registry.web.https.host=127.0.0.1 >>> nifi.registry.web.https.port=19443 >>> >>> >>> Best Regards, >>> ------------------------------ >>> *From: *"Nathan Gough" <thena...@apache.org> >>> *To: *"dev" <dev@nifi.apache.org> >>> *Cc: *"EDISON FABRICIO NARANJO ESPIN" <efnara...@telconet.ec>, "ANTHONY >>> YOSHIHITO ADACHI CORDERO" <aada...@telconet.ec> >>> *Sent: *Wednesday, January 11, 2023 6:35:23 PM >>> *Subject: *Re: Problem with NIFI registry using ssl certificates >>> >>> Hi Edison, >>> >>> It sounds like your nifi-registry.properties file may have issues. Can >>> you share this section of configuration nifi.registry.web.https.host=? >>> nifi.registry.web.https.port=? >>> >>> This guide should be able to help: >>> >>> https://community.cloudera.com/t5/Community-Articles/Setting-Up-a-Secure-Apache-NiFi-Registry/ta-p/247753 >>> <https://fm.telconet.net/fmlurlsvc/?fewReq=:B:JVs5MjYyOSV1PjEtMyVqZz4zMjkzMiVwamRtYnd2cWY+MTE2NDUzOjdnNjE3OjpiMDU1ZzFhZjY1MjdgZTU2YWdhNjUwZmA7ZyV3PjI1NDA3OzMyNTslcmpnPjAzQU1iNE9iMzE6NTE2LjAzQU1iNE9gMzE6NTE2JXFgc3c+ZmVtYnFibWlsQ3dmb2BsbWZ3LWZgJWA+NjEla2dvPjM=&url=https%3a%2f%2fcommunity.cloudera.com%2ft5%2fCommunity-Articles%2fSetting-Up-a-Secure-Apache-NiFi-Registry%2fta-p%2f247753> >>> >>> There may be more exception information you can share with us that's >>> above/below the message you provided. >>> >>> Nathan >>> >>> >>> On Wed, Jan 11, 2023, 6:21 PM EDISON FABRICIO NARANJO ESPIN < >>> efnara...@telconet.ec> wrote: >>> >>>> Dear, >>>> >>>> After configuring the security parameters in the nifi registry, its >>>> operation cannot be started since the logs indicate that the jetty web >>>> server could not be started. Is there a solution for this issue or you must >>>> work with a special version of the product so that it can be deployed with >>>> https. >>>> >>>> Attached log output >>>> >>>> ==> nifi-registry-app_2023-01-11_12.0.log <== >>>> at >>>> org.eclipse.jetty.server.ServerConnector.openAcceptChannel(ServerConnector.java:344) >>>> ... 9 common frames omitted >>>> Caused by: java.nio.channels.UnresolvedAddressException: null >>>> at java.base/sun.nio.ch.Net.checkAddress(Net.java:131) >>>> at >>>> java.base/sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:222) >>>> at >>>> java.base/sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:80) >>>> ... 10 common frames omitted >>>> 2023-01-11 12:56:44,477 INFO [Thread-0] >>>> org.apache.nifi.registry.NiFiRegistry Initiating shutdown of Jetty web >>>> server... >>>> 2023-01-11 12:56:44,479 INFO [Thread-0] >>>> o.eclipse.jetty.server.AbstractConnector Stopped >>>> ServerConnector@19e4653c{SSL, >>>> (ssl, http/1.1)}{localhost :18443} >>>> 2023-01-11 12:56:44,479 INFO [Thread-0] >>>> org.eclipse.jetty.server.session node0 Stopped scavenging >>>> >>>> >>>> Best regards, >>>> -- >>>> Edison F. Naranjo E. >>>> Seguridad Lógica >>>> TELCONET LATAM >>>> Cel: +593998608233 >>>> Quito-Ecuador >>>> efnara...@telconet.ec >>>> >>>> Toda la información contenida en este correo electrónico es >>>> confidencial y podrá ser usada únicamente por los destinatarios. No >>>> imprimir a menos que sea imprescindible. >>>> >>>> >>> >>> >>> -- >>> Edison F. Naranjo E. >>> Seguridad Lógica >>> TELCONET LATAM >>> Quito-Ecuador >>> efnara...@telconet.ec >>> >>> >>> Toda la información contenida en este correo electrónico es confidencial >>> y podrá ser usada únicamente por los destinatarios. No imprimir a menos que >>> sea imprescindible. >>> >>> >> >> >> -- >> Edison F. Naranjo E. >> Seguridad Lógica >> TELCONET LATAM >> Quito-Ecuador >> efnara...@telconet.ec >> >> >> Toda la información contenida en este correo electrónico es confidencial >> y podrá ser usada únicamente por los destinatarios. No imprimir a menos que >> sea imprescindible. >> >> > > > -- > Edison F. Naranjo E. > Seguridad Lógica > TELCONET LATAM > Quito-Ecuador > efnara...@telconet.ec > > > Toda la información contenida en este correo electrónico es confidencial y > podrá ser usada únicamente por los destinatarios. No imprimir a menos que > sea imprescindible. > >
