Hi, In order to do this, you will need to download/obtain the self-signed server certificate that is presented by the remote service (you can do this through a tool like OpenSSL’s s_client with the -showcerts flag) in PEM format, import it into a Java Keystore file acting as a truststore (see commands below), and then identify that truststore using a StandardSSLContextService, which you will reference in the InvokeHTTP processor.
If you encounter a specific error or exception, feel free to reply so we can assist more directly. > openssl x509 -outform der -in certificate.pem -out certificate.der > keytool -import -alias your-alias -keystore cacerts -file certificate.der Andy LoPresto [email protected] [email protected] PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On Feb 15, 2018, at 7:39 PM, nifi-san <[email protected]> wrote: > > Hello Experts, > > We have a Nifi cluster without certificates or SSL implementation. > We have a requirement to call another url/interface from the Nifi flows > using https url since the end point is configured with SSL. > The "https" end point uses a self signed certificate and in order to trust > the certificate,we need to configure or point the flows on Nifi with the > Trust certificate. > > We tried the options mentioned in the links below but have not been > successful in getting the connection to work. > > http://www.tomaszezula.com/2016/11/06/using-ssl-with-nifi/ > > > Apart from Nifi ,other components such as Spark jobs running on cluster and > even the browser are able to trust the certificates. > > Any pointers would be highly appreciated! > > Thanks > > > > -- > Sent from: http://apache-nifi-developer-list.39713.n7.nabble.com/
signature.asc
Description: Message signed with OpenPGP using GPGMail
