nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohammed Nadeem <nadeemm...@gmail.com>
Subject SSLHandshake Exception from Site-to-Site
Date Thu, 28 Feb 2019 15:43:57 GMT
Hi,

Can someone please help me resolving SSLHandshake issue (Site-to-Site) which
I'm getting in logs. This ERROR doesn't impact us from accessing the NiFi
canvas or any calls we make from Nifi components (like SSL Context Service).
This is something which keeps on throwing every now and then in
nifi-app.logs

Below, is the error we get in the logs

ERROR [Site-to-Site Worker Thread-138]
o.a.n.r.io.socket.ssl.SSLSocketChannel
org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel@938965a Failed to
connect due to {}
javax.net.ssl.SSLHandshakeException: Reached End-of-File marker while
performing handshake
	at
org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.performHandshake(SSLSocketChannel.java:248)
	at
org.apache.nifi.remote.io.socket.ssl.SSLSocketChannel.connect(SSLSocketChannel.java:163)
	at
org.apache.nifi.remote.SocketRemoteSiteListener$1$1.run(SocketRemoteSiteListener.java:168)
	at java.lang.Thread.run(Thread.java:748)

ERROR [Site-to-Site Worker Thread-138]
o.a.nifi.remote.SocketRemoteSiteListener RemoteSiteListener Unable to accept
connection from Socket[unconnected] due to javax.net.ssl.SSLException:
Inbound closed before receiving peer's close_notify: possible truncation
attack? 

Setup,
CA Server is running on separate host ( eg, ca_server_host ) which generates
self-signed certificates
Each Nifi instance calls CA to get the keystore, trustore etc like the
necessary certs

Please help me understand the issue, I have gone through many resources
online but I wasn't able to resolve,

Thanks,
Nadeem



--
Sent from: http://apache-nifi-developer-list.39713.n7.nabble.com/

Mime
View raw message