Details

      Description

      Refer NIFI-7673 for problems addressed.

      1. Cluster TLS configuration verification
      2. Priority 1
      3. Addresses A, B, C, D, J, K
      4. Description: Verifies all nodes in the cluster have the ability to verify and communicate with each other (TLS only)
      5. Steps
      6. Run on each node
      7. Start simple Jetty server using keystore & truststore from nifi.properties on each node (using API port)
      8. Possible to run listening on multiple ports (API, CC, S2S, LB)
      1. Connect to embedded or external ZK and retrieve all cluster node hostnames
      2. Attempt to ping NiFi hostnames to resolve DNS/validate firewall
      3. Make simple request from each node to each other node and verify mTLS
      4. PKIX path building
      5. Cipher suite availability
      6. TLS protocol version availability
      7. Ports open

        Attachments

          Activity

            People

            • Assignee:
              VedaKadam Veda Kadam
              Reporter:
              VedaKadam Veda Kadam
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: