[ https://issues.apache.org/jira/browse/NIFI-4237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy LoPresto updated NIFI-4237: -------------------------------- Description: Our Ansible instructions upgraded NiFi and created a new {{nifi.sensitive.props.key}}. In _nifi.properties_ this property, if extant, is used to encrypt sensitive properties in _flow.xml.gz_. Thus, upon relaunching NiFi, the wrong key was used to decrypt resulting in the reported failure to start, _flow.xml.gz_ is no longer useful. We found the problem and fixed it after Mark Payne suggested a possible cause, but if this state of things can be determined, it might save on community support for this situation if the logged message were to suggest what's at the bottom of this problem. The top of the stack trace appears in _logs/nifi-app.log_ as below: 2017-07-25 23:23:31,148 WARN [main] org.apache.nifi.web.server.JettyServer Failed to start web server... shutting down. org.apache.nifi.encrypt.EncryptionException: org.jasypt.exceptions.EncryptionOperationNotPossibleException at org.apache.nifi.encrypt.StringEncryptor.decrypt(StringEncryptor.java:149) ~[nifi-framework-core-1.1.2.jar:1.1.2] at org.apache.nifi.controller.serialization.FlowFromDOMFactory.decrypt(FlowFromDOMFactory.java:474) ~[nifi-framework-core-1.1.2.jar:1.1.2] at... was: Our Ansible instructions upgraded NiFi and created a new {{nifi.sensitive.props.key}}. In _nifi.properties_ this property, if extant, is used to encrypt sensitive properties in _flow.xml.gz_. Thus, upon relaunching NiFi, the wrong key was used to decrypt resulting in the reported failure to start, _flow.xml.gz_ is no longer useful. We found the problem and fixed it after Mark Payne suggested a possible cause, but if this state of things can be determined, it might save on community support for this situation if the logged message were to suggest what's at the bottom of this problem. The top of the stack trace appears in _logs/nifi-bootstrap.log_ as below: 2017-07-25 23:23:31,148 WARN [main] org.apache.nifi.web.server.JettyServer Failed to start web server... shutting down. org.apache.nifi.encrypt.EncryptionException: org.jasypt.exceptions.EncryptionOperationNotPossibleException at org.apache.nifi.encrypt.StringEncryptor.decrypt(StringEncryptor.java:149) ~[nifi-framework-core-1.1.2.jar:1.1.2] at org.apache.nifi.controller.serialization.FlowFromDOMFactory.decrypt(FlowFromDOMFactory.java:474) ~[nifi-framework-core-1.1.2.jar:1.1.2] at... > EncryptionOperationNotPossibleException in nifi-bootstrap.log might suggest > underlying cause > -------------------------------------------------------------------------------------------- > > Key: NIFI-4237 > URL: https://issues.apache.org/jira/browse/NIFI-4237 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework > Affects Versions: 1.3.0 > Reporter: Russell Bateman > Assignee: Andy LoPresto > Priority: Minor > Labels: encryption, logging, security > > Our Ansible instructions upgraded NiFi and created a new > {{nifi.sensitive.props.key}}. In _nifi.properties_ this property, if extant, > is used to encrypt sensitive properties in _flow.xml.gz_. Thus, upon > relaunching NiFi, the wrong key was used to decrypt resulting in the reported > failure to start, _flow.xml.gz_ is no longer useful. > We found the problem and fixed it after Mark Payne suggested a possible > cause, but if this state of things can be determined, it might save on > community support for this situation if the logged message were to suggest > what's at the bottom of this problem. The top of the stack trace appears in > _logs/nifi-app.log_ as below: > 2017-07-25 23:23:31,148 WARN [main] org.apache.nifi.web.server.JettyServer > Failed to start web server... shutting down. > org.apache.nifi.encrypt.EncryptionException: > org.jasypt.exceptions.EncryptionOperationNotPossibleException > at > org.apache.nifi.encrypt.StringEncryptor.decrypt(StringEncryptor.java:149) > ~[nifi-framework-core-1.1.2.jar:1.1.2] > at > org.apache.nifi.controller.serialization.FlowFromDOMFactory.decrypt(FlowFromDOMFactory.java:474) > ~[nifi-framework-core-1.1.2.jar:1.1.2] > at... -- This message was sent by Atlassian JIRA (v6.4.14#64029)