Facing issue in Site to Site Https Communication

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Facing issue in Site to Site Https Communication

Nishant Gupta
Hi Team,

I am trying to make site to site communication between 2 standalone nifi
instances.
I am getting below error

2017-11-12 23:44:41,304 WARN [Remote Process Group
b1265abf-015f-1000-632e-e7939fbad38f: https://X.X.X.X:9443/nifi Thread-1]
o.a.n.remote.StandardRemoteProcessGroup Unable to connect to
RemoteProcessGroup[https://X.X.X.X:9443/nifi] due to
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path validation failed:
java.security.cert.CertPathValidatorException: Path does not chain with any
of the trust anchors.

I have generated the certificate using below command and imported in
browser.:

sudo bash ./tls-toolkit.sh standalone -n 'server-1,server-2' -C 'CN=demo,
OU=nifi' -O -o ../security_output

I am not able to figure out any solution on google.

Can you please help me out.

Thanks and Regards,
Nishant Gupta
Reply | Threaded
Open this post in threaded view
|

Re: Facing issue in Site to Site Https Communication

Pierre Villard
Hi,

Based on your error message, the problem is most likely with your
truststore configuration. What did you configure for HTTPS in your
nifi.properties configuration file?

Pierre


Le 12 nov. 2017 19:38, "Nishant Gupta" <[hidden email]> a
écrit :

Hi Team,

I am trying to make site to site communication between 2 standalone nifi
instances.
I am getting below error

2017-11-12 23:44:41,304 WARN [Remote Process Group
b1265abf-015f-1000-632e-e7939fbad38f: https://X.X.X.X:9443/nifi Thread-1]
o.a.n.remote.StandardRemoteProcessGroup Unable to connect to
RemoteProcessGroup[https://X.X.X.X:9443/nifi] due to
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path validation failed:
java.security.cert.CertPathValidatorException: Path does not chain with any
of the trust anchors.

I have generated the certificate using below command and imported in
browser.:

sudo bash ./tls-toolkit.sh standalone -n 'server-1,server-2' -C 'CN=demo,
OU=nifi' -O -o ../security_output

I am not able to figure out any solution on google.

Can you please help me out.

Thanks and Regards,
Nishant Gupta