Hello,

I'm trying to set up secure communication between minifi-cpp 0.4.0 and
nifi, but unfortunately it fails with the following errors:

[org::apache::nifi::minifi::utils::HTTPClient] [error]
curl_easy_perform() failed SSL connect error
[org::apache::nifi::minifi::RemoteProcessorGroupPort] [error]
ProcessGroup::refreshRemoteSite2SiteInfo -- curl_easy_perform() failed

I looked quickly at the code and it seems the problem is that HTTPClient
never calls configure_secure_connection and therefor never presents a
client certificate to nifi.

The config.yml file defines a TailFail that send data directly to a
remote process group.

My  minifi.properties file:
nifi.version=0.1.0
nifi.flow.configuration.file=/opt/minifi/conf/config.yml
nifi.administrative.yield.duration=30 sec
nifi.bored.yield.duration=10 millis
nifi.provenance.repository.directory.default=/opt/minifi/provenance_repository
nifi.provenance.repository.max.storage.time=1 MIN
nifi.provenance.repository.max.storage.size=1 MB
nifi.remote.input.secure=true
nifi.https.need.ClientAuth=true
nifi.https.client.certificate=/opt/minifi/conf/client.pem
nifi.https.client.private.key=/opt/minifi/conf/client.key
nifi.https.client.pass.phrase=/opt/minifi/conf/password
nifi.https.client.ca.certificate=/opt/minifi/conf/nifi-cert.pem
controller.socket.host=localhost
controller.socket.port=9998

Certificates and key are correct and have been verified using curl from
the command line. Are there any other things I need to do to get minifi
to set up a secure connection? As far as I understand the "Security
Properties:" in config.yml is only used by the java version of minifi?

Thanks,
Arne

Reply via email to