You would want this just for the truststore. The keystore comes into play when you are looking at doing two-way or mutual SSL.
In your case, and please correct me if I am wrong, you are just looking to access content from an HTTPS site that is publicly available (like https://www.google.com/). The truststore just provides a way of vetting the specified endpoint as being as anticipated. On Thu, Nov 5, 2015 at 10:57 PM, M Singh <[email protected]> wrote: > Hi Aldrin: > > The password was the issue as you mentioned and that resolved my issue. > > I filled the same info for both keystore and truststore but am not sure if > both are required. Would it help to have some documentation on whether > keystore or truststore or both are required and how to trouble shoot the > store type and protocol misconfiguration issue. > > Thanks again for your help. > > Mans > > > > On Thursday, November 5, 2015 3:58 PM, Aldrin Piri <[email protected]> > wrote: > > > Hi Mans, > > Quite all right and SSL can be a bit overwhelming for those not familiar. > > We had a user with similar issues as you, please check out the associated > thread here: > https://mail-archives.apache.org/mod_mbox/nifi-users/201509.mbox/%[email protected]%3E > > In summary and with the assumption you are just trying to access a public > HTTPS site, you should be able to configure the truststore with the path as > you expected, but the password is "changeit" by default and not your > password. > > Let us know if you are still experiencing issues. > > For the rest of the community, this is something we need to make easier > and more obvious whether it is merely documentation or other mechanism > within the UI itself. > > Thanks! > > On Thu, Nov 5, 2015 at 6:51 PM, M Singh <[email protected]> wrote: > > Hi: > > I am trying to access a https endpoint using GetHttp processor and being a > newbie am having trouble. I am on a Mac with Java 1.8 and nifi version > 0.3.1-SNAPSHOT. > > In the GetHttp properties - when I set the url to the https endpoint > without any other setting, I get an error that no ssl context has been > specified. > > On setting the ssl context to StandardSSLContextService - I get a arrow > icon to set the properties of the SSL controller. I am not sure what > values are required for this dialog box (Keystore file, password, type, > Truststore file, password, type and ssl protocol). I've tried tls and > pointing the keystore and truststore files to > $JAVA_HOME/Contents/Home/jre/lib/security/cacerts with type jks and my > password but i get an error indicating that the keystore password is > invalid. > > This is the first time I am dealing with keystore/truststores so am > definitely missing something basic, but if anyone has any pointers to how > to I can resolve this, please let me know. > > Thanks. > > > > >
