Nifi Cluster Untrusted Proxy Error

2019-12-04 Thread Dweep Sharma
Hi All , I am trying to setup a NIFI Cluster (2 node) with OpenIDConnect (Google). The cluster setup was done using https://pierrevillard.com/2016/11/29/apache-nifi-1-1-0-secured-cluster-setup and openid was done using https://bryanbende.com/development/2017/10/03/apache-nifi-openid-connect The

Re: Nifi Cluster Untrusted Proxy Error

2019-09-06 Thread Dweep Sharma
Sure, could you please share resources on how to enable trust between ssl certs on two nodes Attaching the authorizations.xml as there was an issue pasting it directly to the mail body On Tue, Sep 3, 2019 at 7:15 PM Bryan Bende wrote: > Please show authorizations.xml, thank you. > > Also, yo

Re: Nifi Cluster Untrusted Proxy Error

2019-09-05 Thread Andy LoPresto
We are working on additional documentation to explain the details of TLS-based trust, but this is a complicated topic and not specifically a core area of existing NiFi docs as it is an independent topic. I would recommend this post [1] for an understanding of the actual TLS process, and this hig

Re: Nifi Cluster Untrusted Proxy Error

2019-09-05 Thread Bryan Bende
Your authorizers.xml shows two Node Identities: CN=dpdum1.dummy.com, OU=NIFI CN=dpdum2.dummy.com, OU=NIFI However these are not present in users.xml so you must have added these after having started the application once which generated the initial users.xml Anytime you change the initial admin

Re: Nifi Cluster Untrusted Proxy Error

2019-09-05 Thread Dweep Sharma
Sure, could you please share resources on how to enable trust between ssl certs on two nodes authorizations.xml

Re: Nifi Cluster Untrusted Proxy Error

2019-09-03 Thread Bryan Bende
Please show authorizations.xml, thank you. Also, you shouldn't really be using wildcard certs - https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html#wildcard_certificates On Tue, Sep 3, 2019 at 5:32 AM Dweep Sharma wrote: > > Can someone take a peek at this - what could be wrong? Thank

Re: Nifi Cluster Untrusted Proxy Error

2019-09-03 Thread Dweep Sharma
Can someone take a peek at this - what could be wrong? Thanks -Dweep On Fri, Aug 30, 2019 at 4:52 PM Dweep Sharma wrote: > Hi All, > > I am receiving an error while setting up a 2 node cluster (external zk) > using Google Auth [OpenID connect] > > *Insufficient Permissions* > > *Untrusted proxy

Nifi Cluster Untrusted Proxy Error

2019-08-30 Thread Dweep Sharma
Hi All, I am receiving an error while setting up a 2 node cluster (external zk) using Google Auth [OpenID connect] *Insufficient Permissions* *Untrusted proxy CN=*.dummy.com , OU=NIFI* We have used nifi toolkit to generate the certificates: ./bin/tls-toolkit.sh standalone -n