[
https://issues.apache.org/jira/browse/NIFI-3098?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
David Handermann resolved NIFI-3098.
------------------------------------
Fix Version/s: 2.0.0
Assignee: (was: Andy LoPresto)
Resolution: Fixed
No longer an issue in NiFi 2.0 following the removal of the encrypt-config.sh
toolkit command.
> Investigate possible issues with cluster flow synchronization when encryption
> key has been migrated multiple times
> ------------------------------------------------------------------------------------------------------------------
>
> Key: NIFI-3098
> URL: https://issues.apache.org/jira/browse/NIFI-3098
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework, Tools and Build
> Affects Versions: 1.1.0
> Reporter: Andy LoPresto
> Priority: Major
> Labels: cluster, encryption, migration, security
> Fix For: 2.0.0
>
> Attachments: flow.xml.gz, run.sh
>
>
> [~YolandaMDavis] encountered an issue when running a 3 node cluster and using
> the {{encrypt-config.sh}} tool to migrate the {{nifi.sensitive.props.key}}
> used to encrypt the {{flow.xml.gz}} contents *more than once*. Running the
> tool once was fine and the cluster started up without any issue. Stopping the
> cluster and running the tool again generated a {{pad block corrupted}} error,
> which almost always indicates that the cipher text is being decrypted by the
> wrong key.
> She can offer more details, including the exact steps to reproduce, but I
> wanted to capture this issue (much of it documented on [PR
> 1261|https://github.com/apache/nifi/pull/1261]) for further investigation.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
