Re: publishmqtt with SSL
Hey Andy, Thanks for getting back to me. I’ve linked to the log files below. I do see in nifi-bootstrap.log that the cert is trusted but like you said it doesn’t look to be an SSL-specific issue. I will work on a remote debug session and see if that gives me any additional clues. 2017-08-17 10:17:49,763 INFO [NiFi logging handler] org.apache.nifi.StdOut adding as trusted cert: 2017-08-17 10:17:49,763 INFO [NiFi logging handler] org.apache.nifi.StdOut Subject: CN=*.azure-devices.net 2017-08-17 10:17:49,763 INFO [NiFi logging handler] org.apache.nifi.StdOut Issuer: CN=Microsoft IT SSL SHA2, OU=Microsoft IT, O=Microsoft Corporation, L=Redmond, ST=Washington, C=US 2017-08-17 10:17:49,763 INFO [NiFi logging handler] org.apache.nifi.StdOut Algorithm: RSA; Serial number: 0x5a0008405e4aa32ff9d2f237710008405e 2017-08-17 10:17:49,763 INFO [NiFi logging handler] org.apache.nifi.StdOut Valid from Thu May 11 20:25:52 CDT 2017 until Mon May 07 12:03:30 CDT 2018 https://www.dropbox.com/s/8ddzmezx0sporwa/nifi-bootstrap.log?dl=0 https://www.dropbox.com/s/609jgeqaxwnukun/nifi-app.log?dl=0 Thanks, Jeff Oxenberg From: Andy LoPresto <alopre...@apache.org<mailto:alopre...@apache.org>> Reply-To: <users@nifi.apache.org<mailto:users@nifi.apache.org>> Date: Wednesday, August 16, 2017 at 3:05 PM To: <users@nifi.apache.org<mailto:users@nifi.apache.org>> Subject: Re: publishmqtt with SSL Hi Jeff, Sorry you are having issues with this. Can you provide a full nifi-app.log which includes all the stacktraces? If you can enable “java.arg.15=-Djavax.net.debug=ssl,handshake” in your conf/bootstrap.conf, please also include nifi-bootstrap.log as this will contain the JSSE SSL/TLS output. From your stacktrace, it does not appear that this is a specific SSL/TLS issue, but it may be exposed by code related to that, so I can take a look. Usually, "InvocationTargetException: null” means that a NullPointerException was generated when trying to invoke the method on a null object. If you can do a remote debug session, I would look at PublishMQTT:131 and check if an exception is being generated there (or catch Throwable on line 338 rather than specific MQTTException). Andy LoPresto alopre...@apache.org<mailto:alopre...@apache.org> alopresto.apa...@gmail.com<mailto:alopresto.apa...@gmail.com> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 On Aug 16, 2017, at 3:55 PM, Oxenberg, Jeff <jeff.oxenb...@hpe.com<mailto:jeff.oxenb...@hpe.com>> wrote: Bumping this up as I’m still having an issue here; has anyone gotten publishmqtt working with SSL? Jeff Oxenberg From: Oxenberg, Jeff Sent: Tuesday, August 08, 2017 8:33 PM To: users@nifi.apache.org<mailto:users@nifi.apache.org> Subject: publishmqtt with SSL Hey, I’m trying to get NiFi to send mqtt messages to the Azure IoT Hub. The IoT Hub uses SSL certificates, and I’m having trouble getting it working with the publishmqtt processor. I create a StandardSSLContextService pointing the truststore at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts. I made sure (I think) that the chain was trusted by importing it manually into the cacerts: openssl s_client -showcerts -connect gsetest.azure-devices.net<http://gsetest.azure-devices.net>:8883 msft.cert keytool -import -noprompt -trustcacerts -alias azure -file msft.cert -keystore /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -storepass changeit When I start the processor, I immediately get the below error. This all works when I do it manually outside of NiFi using mosquitto_pub, so I know that my various settings (username, password, etc) are correct. Has anyone done something similar, or can anyone offer any help here? 2017-08-08 17:20:28,570 ERROR [StandardProcessScheduler Thread-6] o.a.n.controller.StandardProcessorNode Failed to invoke @OnScheduled method due to java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. at org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1480) at org.apache.nifi.controller.StandardProcessorNode.access$000(StandardProcessorNode.java:100) at org.apache.nifi.controller.StandardProcessorNode$1.run(StandardProcessorNode.java:1301) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at j
Re: publishmqtt with SSL
Hi Jeff, Sorry you are having issues with this. Can you provide a full nifi-app.log which includes all the stacktraces? If you can enable “java.arg.15=-Djavax.net.debug=ssl,handshake” in your conf/bootstrap.conf, please also include nifi-bootstrap.log as this will contain the JSSE SSL/TLS output. From your stacktrace, it does not appear that this is a specific SSL/TLS issue, but it may be exposed by code related to that, so I can take a look. Usually, "InvocationTargetException: null” means that a NullPointerException was generated when trying to invoke the method on a null object. If you can do a remote debug session, I would look at PublishMQTT:131 and check if an exception is being generated there (or catch Throwable on line 338 rather than specific MQTTException). Andy LoPresto alopre...@apache.org alopresto.apa...@gmail.com PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Aug 16, 2017, at 3:55 PM, Oxenberg, Jeff <jeff.oxenb...@hpe.com> wrote: > > Bumping this up as I’m still having an issue here; has anyone gotten > publishmqtt working with SSL? > > Jeff Oxenberg > > From: Oxenberg, Jeff > Sent: Tuesday, August 08, 2017 8:33 PM > To: users@nifi.apache.org > Subject: publishmqtt with SSL > > Hey, > > I’m trying to get NiFi to send mqtt messages to the Azure IoT Hub. The IoT > Hub uses SSL certificates, and I’m having trouble getting it working with the > publishmqtt processor. I create a StandardSSLContextService pointing the > truststore at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts. I > made sure (I think) that the chain was trusted by importing it manually into > the cacerts: > openssl s_client -showcerts -connect gsetest.azure-devices.net:8883 > msft.cert > keytool -import -noprompt -trustcacerts -alias azure -file msft.cert > -keystore /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts > -storepass changeit > > When I start the processor, I immediately get the below error. This all > works when I do it manually outside of NiFi using mosquitto_pub, so I know > that my various settings (username, password, etc) are correct. Has anyone > done something similar, or can anyone offer any help here? > > 2017-08-08 17:20:28,570 ERROR [StandardProcessScheduler Thread-6] > o.a.n.controller.StandardProcessorNode Failed to invoke @OnScheduled method > due to java.lang.RuntimeException: Failed while executing one of processor's > OnScheduled task. > java.lang.RuntimeException: Failed while executing one of processor's > OnScheduled task. > at > org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1480) > at > org.apache.nifi.controller.StandardProcessorNode.access$000(StandardProcessorNode.java:100) > at > org.apache.nifi.controller.StandardProcessorNode$1.run(StandardProcessorNode.java:1301) > at > java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at > java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) > at > java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748) > Caused by: java.util.concurrent.ExecutionException: > java.lang.reflect.InvocationTargetException > at java.util.concurrent.FutureTask.report(FutureTask.java:122) > at java.util.concurrent.FutureTask.get(FutureTask.java:206) > at > org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1463) > ... 9 common frames omitted > Caused by: java.lang.reflect.InvocationTargetException: null > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > > Thanks, > > > Jeff Oxenberg signature.asc Description: Message signed with OpenPGP using GPGMail
RE: publishmqtt with SSL
Bumping this up as I’m still having an issue here; has anyone gotten publishmqtt working with SSL? Jeff Oxenberg From: Oxenberg, Jeff Sent: Tuesday, August 08, 2017 8:33 PM To: users@nifi.apache.org Subject: publishmqtt with SSL Hey, I’m trying to get NiFi to send mqtt messages to the Azure IoT Hub. The IoT Hub uses SSL certificates, and I’m having trouble getting it working with the publishmqtt processor. I create a StandardSSLContextService pointing the truststore at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts. I made sure (I think) that the chain was trusted by importing it manually into the cacerts: openssl s_client -showcerts -connect gsetest.azure-devices.net:8883 msft.cert keytool -import -noprompt -trustcacerts -alias azure -file msft.cert -keystore /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -storepass changeit When I start the processor, I immediately get the below error. This all works when I do it manually outside of NiFi using mosquitto_pub, so I know that my various settings (username, password, etc) are correct. Has anyone done something similar, or can anyone offer any help here? 2017-08-08 17:20:28,570 ERROR [StandardProcessScheduler Thread-6] o.a.n.controller.StandardProcessorNode Failed to invoke @OnScheduled method due to java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. at org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1480) at org.apache.nifi.controller.StandardProcessorNode.access$000(StandardProcessorNode.java:100) at org.apache.nifi.controller.StandardProcessorNode$1.run(StandardProcessorNode.java:1301) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: java.util.concurrent.ExecutionException: java.lang.reflect.InvocationTargetException at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:206) at org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1463) ... 9 common frames omitted Caused by: java.lang.reflect.InvocationTargetException: null at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) Thanks, Jeff Oxenberg
publishmqtt with SSL
Hey, I’m trying to get NiFi to send mqtt messages to the Azure IoT Hub. The IoT Hub uses SSL certificates, and I’m having trouble getting it working with the publishmqtt processor. I create a StandardSSLContextService pointing the truststore at /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts. I made sure (I think) that the chain was trusted by importing it manually into the cacerts: openssl s_client -showcerts -connect gsetest.azure-devices.net:8883 msft.cert keytool -import -noprompt -trustcacerts -alias azure -file msft.cert -keystore /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security/cacerts -storepass changeit When I start the processor, I immediately get the below error. This all works when I do it manually outside of NiFi using mosquitto_pub, so I know that my various settings (username, password, etc) are correct. Has anyone done something similar, or can anyone offer any help here? 2017-08-08 17:20:28,570 ERROR [StandardProcessScheduler Thread-6] o.a.n.controller.StandardProcessorNode Failed to invoke @OnScheduled method due to java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. java.lang.RuntimeException: Failed while executing one of processor's OnScheduled task. at org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1480) at org.apache.nifi.controller.StandardProcessorNode.access$000(StandardProcessorNode.java:100) at org.apache.nifi.controller.StandardProcessorNode$1.run(StandardProcessorNode.java:1301) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: java.util.concurrent.ExecutionException: java.lang.reflect.InvocationTargetException at java.util.concurrent.FutureTask.report(FutureTask.java:122) at java.util.concurrent.FutureTask.get(FutureTask.java:206) at org.apache.nifi.controller.StandardProcessorNode.invokeTaskAsCancelableFuture(StandardProcessorNode.java:1463) ... 9 common frames omitted Caused by: java.lang.reflect.InvocationTargetException: null at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) Thanks, Jeff Oxenberg
