nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andy LoPresto <alopre...@apache.org>
Subject Re: NiFi 1.1.1 proxy authorization error
Date Wed, 25 Jan 2017 19:02:41 GMT
Yes, you can manually construct the keystore and truststore files if you know how. The toolkit
is provided as a convenience for users who do not have the experience or a dedicated security
team to generate those files.


Andy LoPresto
alopresto@apache.org
alopresto.apache@gmail.com
PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69

> On Jan 25, 2017, at 6:42 AM, bmichaud <ben_michaud@optum.com> wrote:
> 
> The way I was setting up initial security was with the legacy
> authorized-users.xml file. additionally, my certificate keystore.jks has
> been and must be generated  by a company internal tool. I have done so, and
> generated a truststore file using the java keytool, adding trusted entries
> for various public keys we use for our company. This has worked fine in
> 1.0.0 and prior versions.
> 
> The instructions from Brian Bende suggests that I use the tls toolkit to
> generate keystore and truststore, but I just need to append the common
> server and the three servers in my cluster. I know that all of these
> servers's certificates are included in my keystore file already, so I
> believe that I just need to add truststore entries.
> 
> Is the best way to do that to use a plain text PEM file and edit it with a
> test editor?
> 
> 
> 
> --
> View this message in context: http://apache-nifi-developer-list.39713.n7.nabble.com/NiFi-1-1-1-can-t-start-as-a-cluster-OverlappingFileLockException-tp14486p14518.html
> Sent from the Apache NiFi Developer List mailing list archive at Nabble.com.


Mime
View raw message