John Wise created NIFI-10911:
--------------------------------
Summary: NiFi fails to start due to (likely) corrupted encrypted
value(s) in flow.xml.gz
Key: NIFI-10911
URL: https://issues.apache.org/jira/browse/NIFI-10911
Project: Apache NiFi
Issue Type: Bug
Reporter: John Wise
Over the past 2-3 weeks, a couple of our clusters have failed to start due to a
decryption failure. nifi-app.log displays
"{{{}o.a.n.c.serialization.FlowFromDOMFactory There was a problem decrypting a
sensitive flow configuration value. Check that the nifi.sensitive.props.key
value in nifi.properties matches the value used to encrypt the flow.xml.gz
file{}}}"
In both cases, none of the encryption key values in {{bootstrap.conf}} and
{{nifi.properties}} have changed. The issue appears to be that one, or more,
of the "{{{}enc{}{}}}" values in flow.xml.gz have become corrupted.
The issue doesn't present itself until a node is restarted, at which point,
NiFi continually fails to start due to the service being configured to
auto-restart. Ideally, rather than just failing to start, NiFi would still
complete the startup & alert the user to any decryption issues, so that they
can be fixed.
In the interim, I've been removing the "{{{}enc{}{}}}" values from the
flowfile, which allows NiFi to restart & give us the opportunity to manually
re-enter the removed values. It's not ideal, but it does allow us to get our
nodes back online.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
