Naveen, Currently, if you are using secure site-to-site, then it requires 2-way SSL. So you will want to use needClientAuth = true, and you will need the keystore and truststore configured for both NiFi and your client.
This is something that is being addressed for the 1.0.0 build, but as of right now it's two-way SSL or not secure. Thanks -Mark > On Nov 3, 2015, at 12:46 PM, Madhire, Naveen <[email protected]> > wrote: > > I did set the keystore properties and didn’t set the truststore properties > because I set “nifi.security.needClientAuth” to “false” > > Do I still need truststore property? > > > nifi.security.truststore= > nifi.security.truststoreType= > nifi.security.truststorePasswd= > nifi.security.needClientAuth=false > > > > > > > From: Mark Payne <[email protected] <mailto:[email protected]>> > Reply-To: "[email protected] <mailto:[email protected]>" > <[email protected] <mailto:[email protected]>> > Date: Tuesday, November 3, 2015 at 11:40 AM > To: "[email protected] <mailto:[email protected]>" > <[email protected] <mailto:[email protected]>> > Subject: Re: Client Site to Site > > Naveen, > > With the config provided below, you are setting the > "nifi.remote.input.secure" flag to true. > This means that you will need to also set the keystore and truststore > properties. > > Thanks > -Mark > > >> On Nov 3, 2015, at 12:36 PM, Madhire, Naveen <[email protected] >> <mailto:[email protected]>> wrote: >> >> Hi, >> >> I am unable to connect to Nifi Instance using site-to-site configuration. >> I’ve setup to run Nifi locally and also configured site-to- >> site-communication using the below properties, >> >> # Site to Site properties >> nifi.remote.input.socket.host= >> nifi.remote.input.socket.port=9870 >> nifi.remote.input.secure=true >> >> >> I created a simple workflow to pull the data from Kafka and put into an >> Output Port (“oput”). >> >> My issue is when I am using the below SiteToSiteClientConfig in my >> application I am getting “could not find port” error, >> >> >> SiteToSiteClientConfig clientConfig = new SiteToSiteClient.Builder() >> .url("http://localhost:8080/nifi/ <http://localhost:8080/nifi/>") >> .portName(“oput") >> .buildConfig(); >> >> >> Do I need to configure any other property to enable remote site-to-site? >> >> Please let me know. >> >> Thanks, >> Naveen >> >> The information contained in this e-mail is confidential and/or proprietary >> to Capital One and/or its affiliates and may only be used solely in >> performance of work or services for Capital One. The information transmitted >> herewith is intended only for use by the individual or entity to which it is >> addressed. If the reader of this message is not the intended recipient, you >> are hereby notified that any review, retransmission, dissemination, >> distribution, copying or other use of, or taking of any action in reliance >> upon this information is strictly prohibited. If you have received this >> communication in error, please contact the sender and delete the material >> from your computer. > > > The information contained in this e-mail is confidential and/or proprietary > to Capital One and/or its affiliates and may only be used solely in > performance of work or services for Capital One. The information transmitted > herewith is intended only for use by the individual or entity to which it is > addressed. If the reader of this message is not the intended recipient, you > are hereby notified that any review, retransmission, dissemination, > distribution, copying or other use of, or taking of any action in reliance > upon this information is strictly prohibited. If you have received this > communication in error, please contact the sender and delete the material > from your computer.
