Hi,
i am using Nifi 2.1.0 with Kubernetes in an Openshift Cluster and i am trying to monitor the application over the Prometheus API Endpoint (`/nifi-api/flow/metrics/prometheus`).
Using Nifi in Openshift creates some difficulties (like rootless Nifi), but now i can't proceed with the last steps. The Prometheus Api is callling Nifi by its changing internal IP. So we get an SNI Error, because Nifi 2 uses Java 21 with Jetty Server 12 and the internal IP is not the same as the certificate shows for the external access. I want to deactivate the Jetty SNI check.
SNI Problems are common with Kubernetes Workflows, so Nifi should integrate the ability to disable SNI checks. Is there a workaround?
I tried to disable the jetty sni check with java args in the bootstrap file, but i think those confs are overwritten:
`java.arg.7=-Djetty.ssl.sniRequired=false`
`java.arg.8=-Djetty.ssl.sniHostCheck=false`
The confs are loaded in the Java Runtime!
It would be greate, to be able to monitor the Nifi application and to disable sni checks.
Thanks for the great work,
Jakob Janatka
i am using Nifi 2.1.0 with Kubernetes in an Openshift Cluster and i am trying to monitor the application over the Prometheus API Endpoint (`/nifi-api/flow/metrics/prometheus`).
Using Nifi in Openshift creates some difficulties (like rootless Nifi), but now i can't proceed with the last steps. The Prometheus Api is callling Nifi by its changing internal IP. So we get an SNI Error, because Nifi 2 uses Java 21 with Jetty Server 12 and the internal IP is not the same as the certificate shows for the external access. I want to deactivate the Jetty SNI check.
SNI Problems are common with Kubernetes Workflows, so Nifi should integrate the ability to disable SNI checks. Is there a workaround?
I tried to disable the jetty sni check with java args in the bootstrap file, but i think those confs are overwritten:
`java.arg.7=-Djetty.ssl.sniRequired=false`
`java.arg.8=-Djetty.ssl.sniHostCheck=false`
The confs are loaded in the Java Runtime!
It would be greate, to be able to monitor the Nifi application and to disable sni checks.
Thanks for the great work,
Jakob Janatka
