Prashanth, The command you ran to generate client certificates did not have a space between “CN=admin,” and “OU=NIFI” in the certificate DN. This DN must match exactly the Initial Admin Identity you configure in authorizers.xml, which it does not. Either change the IAI to match the certificate DN and remove users.xml and authorizations.xml and restart NiFi, or use the TLS Toolkit to regenerate a client certificate with the DN that you put in authorizers.xml.
Andy LoPresto alopre...@apache.org alopresto.apa...@gmail.com PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Mar 13, 2018, at 5:24 AM, V, Prashanth (Nokia - IN/Bangalore) > <prashant...@nokia.com> wrote: > > Hi Team, > > I did the following steps to configure ssl for nifi: > Ran `bin/tls-toolkit.sh standalone -n 'hostname' -C 'CN=admin,OU=NIFI' -o > ./target` > Copied nifi.propeties, keystore & trustore jks file under nifi/conf folder > Updated authorizers.xml with > <image001.png> > Then restarted NiFi > > I was getting error like ‘No applicable policies could be found. Contact the > system administrator.’ > Then I just restarted the nifi again, then the error went. I am seeing this > behaviour everytime when I delete existing users.xml & authorizers.xml & > restarting NiFi ☹. > > Is it NiFi default behaviour? Please help me in resolving this issue. > > Thanks & Regards, > Prashanth V
Description: Message signed with OpenPGP using GPGMail