Hi Folks - Have followed link - https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html#standalone and ran
sh tls-toolkit.sh standalone -n 'IPAdress_Server-1,IPAdress_Server-2' -B 'cert_pwd' -P 'keystore_pwd' -C 'CN=admin_user,OU=NIFI' Post that updated nifi properties and replaced keystore.jks and truststore.jks at respective conf directories. Still getting below exception javax.net.ssl.SSLPeerUnverifiedException: Hostname IPAdress_Server-1 not verified: certificate: sha256/iFuXwuZnOCkARK72ayOHJk1KZywi6niooID9RMpTJ2Q= DN: CN=IPAdress_Server-1, OU=NIFI subjectAltNames: [IPAdress_Server-1] Pls help. On Thu, Mar 12, 2020 at 8:33 PM Samarendra Sahoo <[email protected]> wrote: > We are enabling LDAP and SSL, have been successful in one node cluster. > However while running this for 2 node cluster, unable to succeed, have put > exception below. While we are troubleshooting, wanted to check if there are > any handy references for this. > > 2020-03-12 18:54:36,222 WARN [Process Cluster Protocol Request-2] > o.a.n.c.p.impl.SocketProtocolListener Failed processing protocol message > from bbsr02cloud10.ad.infosys.com due to > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path validation failed: > java.security.cert.CertPathValidatorException: Path does not chain with any > of the trust anchors > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path validation failed: > java.security.cert.CertPathValidatorException: Path does not chain with any > of the trust anchors > at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) > at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316) > at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310) > at > sun.security.ssl.ServerHandshaker.clientCertificate(ServerHandshaker.java:1983) > at > sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:232) > at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037) > at sun.security.ssl.Handshaker.process_record(Handshaker.java:965) > at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064) > at > sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367) > at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:931) > at sun.security.ssl.AppInputStream.read(AppInputStream.java:105) > at sun.security.ssl.AppInputStream.read(AppInputStream.java:71) > at > org.apache.nifi.stream.io.ByteCountingInputStream.read(ByteCountingInputStream.java:42) > at java.io.FilterInputStream.read(FilterInputStream.java:83) > at > org.apache.nifi.cluster.protocol.jaxb.JaxbProtocolContext$2.unmarshal(JaxbProtocolContext.java:110) > at > org.apache.nifi.cluster.protocol.impl.SocketProtocolListener.dispatchRequest(SocketProtocolListener.java:149) > at > org.apache.nifi.io.socket.SocketListener$2$1.run(SocketListener.java:136) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) > at java.lang.Thread.run(Thread.java:748) >
