Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
1.19.0, 1.19.1
-
None
-
None
Description
When running NiFi 1.19.0 using the apache/nifi docker image, the NiFi Toolkit is not able to connect to the running NiFi instance (with the default Single User Auth enabled).
Having updated the NiFi Toolkit CLI properties file with the Truststore and Keystore details generated by NiFi (found within nifi.properties), then attempting to run a command using the NiFi Toolkit command line such as:
/opt/nifi/nifi-toolkit-current/bin/cli.sh session set nifi /opt/nifi/nifi-toolkit-current/bin/cli.sh nifi get-services
The following error is returned:
ERROR: Error executing command 'get-services' : Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
This suggests something isn't working correctly with the NiFi Toolkit JVM process/configuration or such (e.g. the correct truststore is not being used, see https://www.baeldung.com/java-trustanchors-parameter-must-be-non-empty)
Attachments
Issue Links
- fixes
-
NIFI-10929 NiFi generated certificates (e.g. Single User, or nifi-toolkit) are not compatible with OpenSSL 3.x+
- Resolved
- is related to
-
NIFI-2943 tls-toolkit pkcs12 truststore 0 entries
- Resolved
-
NIFI-8088 Remove PKCS12 Deprecation Warning in KeyStoreUtils
- Resolved
- relates to
-
NIFI-11133 TLS Toolkit Standalone Mode Sets Null Password for Client Keys
- Resolved
- links to