[ https://issues.apache.org/jira/browse/NIFI-4237?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16124441#comment-16124441 ]
ASF subversion and git services commented on NIFI-4237: ------------------------------------------------------- Commit ae940d862420e00023eca2e996ad03646f3ed5a4 in nifi's branch refs/heads/master from [~alopresto] [ https://git-wip-us.apache.org/repos/asf?p=nifi.git;h=ae940d8 ] NIFI-4237 Added working test for StringEncryptor decryption of sensitive flow values in FlowFromDOMFactory. NIFI-4237 Cleaned up unused alternate approaches. NIFI-4237 Added failing unit test for better error message. NIFI-4237 Added logic to capture unhelpful encryption exception and provide context in message. All tests pass. This closes #2077 > EncryptionOperationNotPossibleException in nifi-bootstrap.log might suggest > underlying cause > -------------------------------------------------------------------------------------------- > > Key: NIFI-4237 > URL: https://issues.apache.org/jira/browse/NIFI-4237 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework > Affects Versions: 1.3.0 > Reporter: Russell Bateman > Assignee: Andy LoPresto > Priority: Minor > Labels: encryption, logging, security > > Our Ansible instructions upgraded NiFi and created a new > {{nifi.sensitive.props.key}}. In _nifi.properties_ this property, if extant, > is used to encrypt sensitive properties in _flow.xml.gz_. Thus, upon > relaunching NiFi, the wrong key was used to decrypt resulting in the reported > failure to start, _flow.xml.gz_ is no longer useful. > We found the problem and fixed it after Mark Payne suggested a possible > cause, but if this state of things can be determined, it might save on > community support for this situation if the logged message were to suggest > what's at the bottom of this problem. The top of the stack trace appears in > _logs/nifi-app.log_ as below: > 2017-07-25 23:23:31,148 WARN [main] org.apache.nifi.web.server.JettyServer > Failed to start web server... shutting down. > org.apache.nifi.encrypt.EncryptionException: > org.jasypt.exceptions.EncryptionOperationNotPossibleException > at > org.apache.nifi.encrypt.StringEncryptor.decrypt(StringEncryptor.java:149) > ~[nifi-framework-core-1.1.2.jar:1.1.2] > at > org.apache.nifi.controller.serialization.FlowFromDOMFactory.decrypt(FlowFromDOMFactory.java:474) > ~[nifi-framework-core-1.1.2.jar:1.1.2] > at... -- This message was sent by Atlassian JIRA (v6.4.14#64029)