Lars,
Thank you, this sent me in the direction I think I needed to go.
One other issue we have is that as this is internal, we are using self
signed certs both for remotes and the cloud central. This has worked in
the past for small setup, but with possibly 10x the number of remotes,
we
I'm pretty sure NiFi doesn't do that.
Rather this looks like it will be something between your browser and the
NiFi instance to which you're connecting - when you try to update the
processor property with the EL value and send it to your NiFi server,
something (not NiFi but a proxy or such as
Is my instance of NiFi trying to reach out to a NiFi URL to validate the EL or
something? If so, what would that URL be?
Thanks,
Stanley
-Original Message-
From: Mike Thomsen
Sent: Wednesday, March 30, 2022 6:11 PM
To: users@nifi.apache.org
Subject: Re: Insufficient Permissions for
Hi Dave, you could use a (custom) CA for your client certs, so only the
CA-cert would need to be trusted. And for policies, you could use an LDAP group
and base policies on that.
Downside is that NiFi currently doesn't offer certificate revocation afaik, so
it might not be applicable to you.
Matt,
The problem is access policies on the input port on the main NiFi:
We are using LDAP on the main NiFi, and when I create Site to Site comms
between NiFi instances I have to create a user in NiFi based on the
owner name in the cert from the remote. Once I have that user, I have
to ADD