[
https://issues.apache.org/jira/browse/NIFI-7756?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andy LoPresto reassigned NIFI-7756:
-----------------------------------
Assignee: Andy LoPresto
> NIFI 1.12.0 doesn't work with wildcard certificates
> ---------------------------------------------------
>
> Key: NIFI-7756
> URL: https://issues.apache.org/jira/browse/NIFI-7756
> Project: Apache NiFi
> Issue Type: Bug
> Components: Core Framework, Security
> Affects Versions: 1.12.0
> Reporter: Heinz Mayer
> Assignee: Andy LoPresto
> Priority: Major
>
> After Upgrade to NIFI 1.12.0, NIFI doesn't start anymore
> The same keystore works with NIFI 1.11.4
> {code:java}
> 2020-08-21 07:52:21,462 INFO [main] o.e.jetty.util.ssl.SslContextFactory
> x509=X509@2559c968(tomcat,h=[mic.co.at],w=[mic.co.at]) for
> SslContextFactory@37f3a1a0[provider=null,keyStore=file:///opt/nifi/conf/keystore.jks,trustStore=file:///opt/nifi/conf/keystore.jks]2020-08-21
> 07:52:21,462 INFO [main] o.e.jetty.util.ssl.SslContextFactory
> x509=X509@2559c968(tomcat,h=[mic.co.at],w=[mic.co.at]) for
> SslContextFactory@37f3a1a0[provider=null,keyStore=file:///opt/nifi/conf/keystore.jks,trustStore=file:///opt/nifi/conf/keystore.jks]2020-08-21
> 07:52:21,469 WARN [main] org.apache.nifi.web.server.JettyServer Failed to
> start web server... shutting down.java.lang.IllegalStateException: KeyStores
> with multiple certificates are not supported on the base class
> org.eclipse.jetty.util.ssl.SslContextFactory. (Use
> org.eclipse.jetty.util.ssl.SslContextFactory$Server or
> org.eclipse.jetty.util.ssl.SslContextFactory$Client instead) at
> org.eclipse.jetty.util.ssl.SslContextFactory.newSniX509ExtendedKeyManager(SslContextFactory.java:1275)
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.getKeyManagers(SslContextFactory.java:1256)
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.load(SslContextFactory.java:374)
> at
> org.eclipse.jetty.util.ssl.SslContextFactory.doStart(SslContextFactory.java:245)
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
> org.eclipse.jetty.server.SslConnectionFactory.doStart(SslConnectionFactory.java:92)
> at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.start(ContainerLifeCycle.java:169)
> at
> org.eclipse.jetty.util.component.ContainerLifeCycle.doStart(ContainerLifeCycle.java:117)
> at
> org.eclipse.jetty.server.AbstractConnector.doStart(AbstractConnector.java:320)
> at
> org.eclipse.jetty.server.AbstractNetworkConnector.doStart(AbstractNetworkConnector.java:81)
> at
> org.eclipse.jetty.server.ServerConnector.doStart(ServerConnector.java:231) at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at org.eclipse.jetty.server.Server.doStart(Server.java:385) at
> org.eclipse.jetty.util.component.AbstractLifeCycle.start(AbstractLifeCycle.java:72)
> at org.apache.nifi.web.server.JettyServer.start(JettyServer.java:1058) at
> org.apache.nifi.NiFi.<init>(NiFi.java:158) at
> org.apache.nifi.NiFi.<init>(NiFi.java:72) at
> org.apache.nifi.NiFi.main(NiFi.java:301) {code}
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
