nifi.zookeeper.connect.string=vm-nifi-secured-01:2281 (currently we did one machine with zk)
Internal Use - Confidential From: Mark Payne <[email protected]> Sent: Thursday, 16 December 2021 16:20 To: users Subject: Re: javax.net.ssl.SSLPeerUnverifiedException [EXTERNAL MAIL] Lior, What do you have set for the “nifi.zookeeper.connect.string” property in nifi.properties? Thanks -Mark On Dec 16, 2021, at 4:26 AM, Lior Halperin <[email protected]<mailto:[email protected]>> wrote: Hi, We are using nifi 1.15 secured cluster with external zk 3.7.0 defined in the zk conf: ssl.hostnameVerification=false ssl.quorum.hostnameVerification=false sslQuorum=false also in the nifi nodes zookeeper properties we defined ssl.hostnameVerification=false ssl.quorum.hostnameVerification=false on nifi start up nodes we get : 2021-12-15 21:57:43,440 ERROR [nioEventLoopGroup-2-1] o.apache.zookeeper.common.ZKTrustManager Failed to verify host address: 127.0.0.1 javax.net<https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Furldefense.com%2Fv3%2F__http%3A%2F%2Fjavax.net%2F__%3B!!KcCDy9is!smYEPjRrMifLOF9b7WWcmXijvP__UP-YyVwbMiAIOxB6KET4E2lWRec-Z3pcaiIVcN4%24&data=04%7C01%7Clior.halperin%40outseer.com%7Cf197c66441874353cae508d9c09f3f02%7C80be6ad4370143d1a7c3a71eb4edff96%7C0%7C0%7C637752612453578853%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=5I%2BI7%2FcDQmcy0rSchuRkTzopz6Dz95yfphdwDoVu8dE%3D&reserved=0>.ssl.SSLPeerUnverifiedException: Certificate for <127.0.0.1> doesn't match common name of the certificate subject: APP SERVER KEY what are definitions we miss that should eliminate the SSLPeerUnverifiedException? Internal Use - Confidential
