Hi Team,

For secure cluster setup,

-> Initially created a 2-node cluster with all the configurations and it worked fine. So, I tried to add SSL certificates to it for which I have downloaded nifi-toolkit and extracted it. Then for generating certificates ran the following command on one of my servers.


Here nifi-1 and nifi-2 are hostnames of my servers.

./bin/tls-toolkit.sh standalone -n nifi-1,nifi-2 -K password -P password

-> After running the above command, these folders and files got generated

Files generated: truststore.jks, keystore.jks, nifi.properties, nifi-cert.pem, nifi-key.key

image.png

->So, moved nifi-2 folder, nifi-cert.pem and  nifi-key.key to other servers (cluster node)

-> Modified nifi-toolkit/nifi.properties and conf/nifi.properties i.e. made both the contents of the file as same configurations added certifications path, given encrypted passwords and cluster configurations in both the nodes

->  Modified the authorizers.xml as follows:

-->

     <authorizer>

        <identifier>file-provider</identifier>

        <class>org.apache.nifi.authorization.FileAuthorizer</class>

        <property name="Authorizations File">./conf/authorizations.xml</property>

        <property name="Users File">./conf/users.xml</property>

        <property name="Initial Admin Identity">CN=admin, OU=NIFI</property>

        <property name="Legacy Authorized Users File"></property>

        <property name="Node Identity 1">CN=nifi-1, OU=NIFI</property>

        <property name="Node Identity 2">CN=nifi-2, OU=NIFI</property>

    </authorizer>

-> Now started the cluster in the both nodes

We are getting the below error:

image.png

-> For this, we tried to delete the existing keys and generated the new key pairs and followed the same procedure and started the cluster, but even then we are facing the same issue.

 

Thanks,
Uma Sri Vullanki