[
https://issues.apache.org/jira/browse/NIFI-5146?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16466140#comment-16466140
]
ASF GitHub Bot commented on NIFI-5146:
--------------------------------------
Github user alopresto commented on the issue:
https://github.com/apache/nifi/pull/2683
If NiFi is configured with both HTTP and HTTPS settings present, startup
will fail and the error will look like the following:
```
2018-05-04 10:01:27,990 WARN [main] org.apache.nifi.web.server.JettyServer
Both the HTTP and HTTPS connectors are configured in nifi.properties. Only one
of these connectors should be configured. See the NiFi Admin Guide for more
details
2018-05-04 10:01:27,990 WARN [main] org.apache.nifi.web.server.JettyServer
HTTP connector: http://:8080
2018-05-04 10:01:27,991 WARN [main] org.apache.nifi.web.server.JettyServer
HTTPS connector: https://:8443
2018-05-04 10:01:27,991 ERROR [main] org.apache.nifi.web.server.JettyServer
NiFi only supports one mode of HTTP or HTTPS operation, not both
simultaneously. Check the nifi.properties file and ensure that either the HTTP
hostname and port or the HTTPS hostname and port are empty
2018-05-04 10:01:27,994 WARN [main] org.apache.nifi.web.server.JettyServer
Failed to start web server... shutting down.
java.lang.IllegalStateException: Only one of the HTTP and HTTPS connectors
can be configured at one time
at
org.apache.nifi.web.server.JettyServer.configureConnectors(JettyServer.java:608)
at org.apache.nifi.web.server.JettyServer.<init>(JettyServer.java:153)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at org.apache.nifi.NiFi.<init>(NiFi.java:150)
at org.apache.nifi.NiFi.<init>(NiFi.java:71)
at org.apache.nifi.NiFi.main(NiFi.java:292)
2018-05-04 10:01:27,995 INFO [Thread-1] org.apache.nifi.NiFi Initiating
shutdown of Jetty web server...
2018-05-04 10:01:27,996 INFO [Thread-1] org.apache.nifi.NiFi Jetty web
server shutdown completed (nicely or otherwise).
```
> Ability to configure HTTP and HTTPS simultaneously causes HostHeader issues
> ---------------------------------------------------------------------------
>
> Key: NIFI-5146
> URL: https://issues.apache.org/jira/browse/NIFI-5146
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Aldrin Piri
> Assignee: Andy LoPresto
> Priority: Major
>
> The host header whitelisting evaluation is only done when NiFi is configured
> in secure mode, determined by the setting of an HTTPS port. (see
> https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/JettyServer.java#L161
> and
> [https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/HostHeaderHandler.java#L190).]
> However, in the case where both are enabled, the HTTP port is not enumerated
> in possible combinations and explicit inclusions of a given socket that would
> be HTTP is stripped via
> [https://github.com/apache/nifi/blob/master/nifi-nar-bundles/nifi-framework-bundle/nifi-framework/nifi-web/nifi-jetty/src/main/java/org/apache/nifi/web/server/HostHeaderHandler.java#L143.]
> It is possible that concurrently running HTTP and HTTPS no longer makes
> sense, in which case we could evaluate the relevant properties and prevent
> startup for an unintended configuration. Alternatively, we would need to
> adjust the custom hostname interpretation to also include consideration for
> the HTTP port.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
