Hi All, I have been working on getting a secure NiFi cluster to work with Knox. I would like to have Knox be the entry point to NiFi. I have a NiFi cluster running in secure mode without error. Now I would like to place Knox in front of the Cluster. I have KnoxSSO setup which is configured with an external OpenID provider for which users are redirected to authN. This setup works fine when NiFi cluster is insecure.
The error that I am getting is on the Knox side: ... *Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target* ... I am pretty sure it is a cert issue (I reached out to the Knox Users Group and they think that it is a cert issue). I used the TLS Toolkit (Client/Server mode) to generate certs for the Knox machine. I imported the keystore.jks and truststore.jks to the Knox gateway.jks keystore. This did not solve the issue though. Is there something else that I should be importing into the Knox gateway.jks store based on what is generated by the TLS Toolkit? Any help is appreciated! Cheers, Ryan
