[ https://issues.apache.org/jira/browse/NIFI-7756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andy LoPresto reassigned NIFI-7756: ----------------------------------- Assignee: Andy LoPresto > NIFI 1.12.0 doesn't work with wildcard certificates > --------------------------------------------------- > > Key: NIFI-7756 > URL: https://issues.apache.org/jira/browse/NIFI-7756 > Project: Apache NiFi > Issue Type: Bug > Components: Core Framework, Security > Affects Versions: 1.12.0 > Reporter: Heinz Mayer > Assignee: Andy LoPresto > Priority: Major > > After Upgrade to NIFI 1.12.0, NIFI doesn't start anymore > The same keystore works with NIFI 1.11.4 > {code:java} > 2020-08-21 07:52:21,462 INFO [main] o.e.jetty.util.ssl.SslContextFactory > x509=X509@2559c968(tomcat,h=[mic.co.at],w=[mic.co.at]) for > SslContextFactory@37f3a1a0[provider=null,keyStore=file:///opt/nifi/conf/keystore.jks,trustStore=file:///opt/nifi/conf/keystore.jks]2020-08-21 > 07:52:21,462 INFO [main] o.e.jetty.util.ssl.SslContextFactory > x509=X509@2559c968(tomcat,h=[mic.co.at],w=[mic.co.at]) for > SslContextFactory@37f3a1a0[provider=null,keyStore=file:///opt/nifi/conf/keystore.jks,trustStore=file:///opt/nifi/conf/keystore.jks]2020-08-21 > 07:52:21,469 WARN [main] org.apache.nifi.web.server.JettyServer Failed to > start web server... shutting down.java.lang.IllegalStateException: KeyStores > with multiple certificates are not supported on the base class > org.eclipse.jetty.util.ssl.SslContextFactory. (Use > org.eclipse.jetty.util.ssl.SslContextFactory$Server or > org.eclipse.jetty.util.ssl.SslContextFactory$Client instead) at > org.eclipse.jetty.util.ssl.SslContextFactory.newSniX509ExtendedKeyManager(SslContextFactory.java:1275) > at > org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1256) > at > org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:374) > at > org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > at > org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92) > at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169) > at > org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117) > at > org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320) > at > org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81) > at > org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231) at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > at org.eclipse.jetty.server.Server.doStart(Server.java:385) at > org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72) > at org.apache.nifi.web.server.JettyServer.start(JettyServer.java:1058) at > org.apache.nifi.NiFi.<init>(NiFi.java:158) at > org.apache.nifi.NiFi.<init>(NiFi.java:72) at > org.apache.nifi.NiFi.main(NiFi.java:301) {code} > -- This message was sent by Atlassian Jira (v8.3.4#803005)