Uploaded image for project: 'Apache NiFi'
  1. Apache NiFi
  2. NIFI-3691 Provide utility to verify configured security settings and certificates
  3. NIFI-7674

Toolkit diagnostic for Cluster configuration

    XMLWordPrintableJSON

Details

    Description

      Refer NIFI-7673 for problems addressed.

      1. Cluster TLS configuration verification
      2. Priority 1
      3. Addresses A, B, C, D, J, K
      4. Description: Verifies all nodes in the cluster have the ability to verify and communicate with each other (TLS only)
      5. Steps
      6. Run on each node
      7. Start simple Jetty server using keystore & truststore from nifi.properties on each node (using API port)
      8. Possible to run listening on multiple ports (API, CC, S2S, LB)
      1. Connect to embedded or external ZK and retrieve all cluster node hostnames
      2. Attempt to ping NiFi hostnames to resolve DNS/validate firewall
      3. Make simple request from each node to each other node and verify mTLS
      4. PKIX path building
      5. Cipher suite availability
      6. TLS protocol version availability
      7. Ports open

      Attachments

        Activity

          People

            VedaKadam Veda Kadam
            VedaKadam Veda Kadam
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: