Yes it supports mutual auth, as long you are using an SSL Context Service that has a keystore.
What syslog server are you connecting to? On Fri, Apr 10, 2020 at 10:07 AM muhyid72 <[email protected]> wrote: > Hi Brayn, > > Thank you for your answer. > > In the first error, it looks like maybe you had PutSyslog configured for > TLS/SSL, but were sending to a port that was not listening for TLS/SSL, but > regular TCP. > > --> I suspected same thing therefore I tried same process (with Java JRE > 1.8.0_241 (64 Bit)) through Logstash 7.3.1 with secure (TLS) configuration > and it run. > > In the second error, it means the truststore in the SSL Context Service in > NiFi, does not trust the certificate presented by the syslog server. > > --> I thought same thing and I added my certificate, root certificate, > intermediate certificate (I mean all of them) to keystore, truststore and > java cacert. I mean, I added all the certificates to almost all stores. > > > I tried 2 different version of Java with same certificate configuration > (stores, cacert etc) to make sure there was no problem with Java > > Java 8 Error: javax.net.ssl.SSLException: Inbound closed before receiving > peer's close_notify: possible truncation attack? > > Java 11 Error: javax.net.ssl.SSLHandshakeException: PKIX path building > failed: sun.security.provider.certpath.SunCertPathBuilderException: unable > to find valid certification path to requested target > > I am using mutual authentication (two way authentication) for sending > messages to syslog, Does NiFi support mutual authentication? > > Actually I am trying to replace LogStash with NiFi therefore mutual > authentication part is critical > > > > -- > Sent from: http://apache-nifi-users-list.2361937.n4.nabble.com/ >
