The error you are seeing now can also occur when the above properties mentioned by Andy are left blank. Java tries to determine the hostname, but ends up just seeing if as localhost. As mentioned by Andy, make sure the URL you are using in your Remote Process Group (RPG) uses a FQDN that matches the DN from the destination NiFi's cert. To see if this is the issue. You could always add manual entries in each systems /etc/hosts file that will resolve the cert's DNs to the IPs for those systems.
Matt On Jul 14, 2016 10:33 AM, "Andy LoPresto" <[email protected]> wrote: > Please check that the CN used in your certificates matches the value used > in “nifi.web.https.host” and “nifi.remote.input.host” in your > nifi.properties file. The expected value will be provided in the error > message you listed below. > > > Andy LoPresto > [email protected] > *[email protected] <[email protected]>* > PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > > On Jul 14, 2016, at 8:00 AM, Vinay <[email protected]> wrote: > > Andy, > > I tried the way to generate certificates mentioned by Matt and shared by > Mathew > > Try following this procedure: > > https://community.hortonworks.com/content/kbentry/17293/how-to-create-user-generated-keys-for-securing-nif.html > > > Now i get HTTPS hostname wrong: should be < hostname > > > 1. Both NIFI instances is been configured for site to site . > 2. Same CA was used to generate server /user certificates. > > Anything Iam missing still. > > > Regards, > Vinay > > > > > > > > > -- > View this message in context: > http://apache-nifi-developer-list.39713.n7.nabble.com/NIFI-Secure-Access-Site-to-Site-tp12735p12807.html > Sent from the Apache NiFi Developer List mailing list archive at > Nabble.com. > > >
