Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Sanjeet, Thanks for the confirmation, glad to hear the workaround resolved the problem! I have created the following Jira issue to correct the protection scheme resolver: https://issues.apache.org/jira/browse/NIFI-9988 Regards, David Handermann On Wed, May 4, 2022 at 12:40 PM sanjeet rath wrote: > Thanks David, it worked after the suggested manual changes in both the > files. > > Thanks a lot for the help > Sanjeet > > On Wed, 4 May 2022 at 10:24 PM, David Handermann < > exceptionfact...@apache.org> wrote: > >> Hi Sanjeet, >> >> Following up on my previous reply, the potential workaround would >> actually require changing "aes/gcm/256" to "AES_GCM". I am looking into >> addressing this problem in a Jira issue. >> >> Regards, >> David Handermann >> >> On Wed, May 4, 2022 at 11:41 AM David Handermann < >> exceptionfact...@apache.org> wrote: >> >>> Hi Sanjeet, >>> >>> Reviewing the implementation related to the error message you provided, >>> it looks like this could be a bug with decrypting values in authorizers.xml. >>> >>> As a workaround, can you try manually editing authorizers.xml and >>> login-identity-providers.xml, changing "aes/gcm/256" to just "aes/gcm"? >>> >>> The protection scheme resolver should match the standard value, but >>> there may be a problem with the comparison of encryption scheme names. >>> Changing the "encryption" attribute value to "aes/gcm" may work around the >>> problem, but it sounds like this may need to be addressed in a Jira issue. >>> >>> Regards, >>> David Handermann >>> >>> On Wed, May 4, 2022 at 11:22 AM sanjeet rath >>> wrote: >>> >>>> Hi Isha, >>>> >>>> We are using same java instalation. >>>> >>>> Our java version is open idk 11. >>>> >>>> In the same system only we are able to encrypt aes/gcm/256 for our old >>>> 1.12.1 nifi version. >>>> >>>> Thanks, >>>> Sanjeet >>>> >>>> >>>> On Wed, 4 May 2022 at 8:40 PM, Isha Lamboo < >>>> isha.lam...@virtualsciences.nl> wrote: >>>> >>>>> Hi Sanjeeth, >>>>> >>>>> >>>>> >>>>> Are you performing the toolkit encryption using the same java >>>>> installation that’s running the NiFi server? >>>>> >>>>> >>>>> >>>>> If not, you may be running into problems because of encryption >>>>> limitations on the java version on your NiFi server. >>>>> >>>>> I think AES256 needs the “Unlimited Strength Encryption” policy and >>>>> that may not be enabled (or even allowed to be enabled in your country). >>>>> >>>>> >>>>> >>>>> If you run the toolkit with the same java installation as the server, >>>>> you can verify this. It should either use aes/gcm/128 or give the same >>>>> error if it tries to use aes/gcm/256. >>>>> >>>>> >>>>> >>>>> Another thing to check is whether you’re using Java 8-251 or newer as >>>>> the migration guidance states. >>>>> >>>>> >>>>> >>>>> Regards, >>>>> >>>>> >>>>> >>>>> Isha >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> *Van:* sanjeet rath >>>>> *Verzonden:* woensdag 4 mei 2022 17:09 >>>>> *Aan:* users@nifi.apache.org >>>>> *Onderwerp:* Re: Nifi 1.16.1 migration failed for encrypted of >>>>> sensitive values >>>>> >>>>> >>>>> >>>>> Thanks Pierre for the quick response. I have followed the same doc and >>>>> this is the 3rd version upgrade I am doing for nifi. >>>>> >>>>> >>>>> >>>>> Actually if u see the last line of the error it looks like aes/gcm/256 >>>>> is not supported. >>>>> >>>>> >>>>> >>>>> So if you could point something I am doing wrong for this specific >>>>> 1.16.1 version then it would be really helpful for me. >>>>> >>>>> >>>>> >>>>> Thanks, >>&g
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Thanks David, it worked after the suggested manual changes in both the files. Thanks a lot for the help Sanjeet On Wed, 4 May 2022 at 10:24 PM, David Handermann < exceptionfact...@apache.org> wrote: > Hi Sanjeet, > > Following up on my previous reply, the potential workaround would actually > require changing "aes/gcm/256" to "AES_GCM". I am looking into addressing > this problem in a Jira issue. > > Regards, > David Handermann > > On Wed, May 4, 2022 at 11:41 AM David Handermann < > exceptionfact...@apache.org> wrote: > >> Hi Sanjeet, >> >> Reviewing the implementation related to the error message you provided, >> it looks like this could be a bug with decrypting values in authorizers.xml. >> >> As a workaround, can you try manually editing authorizers.xml and >> login-identity-providers.xml, changing "aes/gcm/256" to just "aes/gcm"? >> >> The protection scheme resolver should match the standard value, but there >> may be a problem with the comparison of encryption scheme names. Changing >> the "encryption" attribute value to "aes/gcm" may work around the problem, >> but it sounds like this may need to be addressed in a Jira issue. >> >> Regards, >> David Handermann >> >> On Wed, May 4, 2022 at 11:22 AM sanjeet rath >> wrote: >> >>> Hi Isha, >>> >>> We are using same java instalation. >>> >>> Our java version is open idk 11. >>> >>> In the same system only we are able to encrypt aes/gcm/256 for our old >>> 1.12.1 nifi version. >>> >>> Thanks, >>> Sanjeet >>> >>> >>> On Wed, 4 May 2022 at 8:40 PM, Isha Lamboo < >>> isha.lam...@virtualsciences.nl> wrote: >>> >>>> Hi Sanjeeth, >>>> >>>> >>>> >>>> Are you performing the toolkit encryption using the same java >>>> installation that’s running the NiFi server? >>>> >>>> >>>> >>>> If not, you may be running into problems because of encryption >>>> limitations on the java version on your NiFi server. >>>> >>>> I think AES256 needs the “Unlimited Strength Encryption” policy and >>>> that may not be enabled (or even allowed to be enabled in your country). >>>> >>>> >>>> >>>> If you run the toolkit with the same java installation as the server, >>>> you can verify this. It should either use aes/gcm/128 or give the same >>>> error if it tries to use aes/gcm/256. >>>> >>>> >>>> >>>> Another thing to check is whether you’re using Java 8-251 or newer as >>>> the migration guidance states. >>>> >>>> >>>> >>>> Regards, >>>> >>>> >>>> >>>> Isha >>>> >>>> >>>> >>>> >>>> >>>> *Van:* sanjeet rath >>>> *Verzonden:* woensdag 4 mei 2022 17:09 >>>> *Aan:* users@nifi.apache.org >>>> *Onderwerp:* Re: Nifi 1.16.1 migration failed for encrypted of >>>> sensitive values >>>> >>>> >>>> >>>> Thanks Pierre for the quick response. I have followed the same doc and >>>> this is the 3rd version upgrade I am doing for nifi. >>>> >>>> >>>> >>>> Actually if u see the last line of the error it looks like aes/gcm/256 >>>> is not supported. >>>> >>>> >>>> >>>> So if you could point something I am doing wrong for this specific >>>> 1.16.1 version then it would be really helpful for me. >>>> >>>> >>>> >>>> Thanks, >>>> >>>> Sanjeet >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Wed, 4 May 2022 at 8:20 PM, Pierre Villard < >>>> pierre.villard...@gmail.com> wrote: >>>> >>>> Hi, >>>> >>>> >>>> >>>> I recommend reading the migration guidance documentation: >>>> >>>> https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance >>>> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcwiki.apache.org%2Fconfluence%2Fdisplay%2FNIFI%2FMigration%2BGuidance=05%7C01%7Cisha.lamboo%40virtualsciences.nl%7Ca6cf25040df64db1d3c908da2de0058f%7C2
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Hi Sanjeet, Following up on my previous reply, the potential workaround would actually require changing "aes/gcm/256" to "AES_GCM". I am looking into addressing this problem in a Jira issue. Regards, David Handermann On Wed, May 4, 2022 at 11:41 AM David Handermann < exceptionfact...@apache.org> wrote: > Hi Sanjeet, > > Reviewing the implementation related to the error message you provided, it > looks like this could be a bug with decrypting values in authorizers.xml. > > As a workaround, can you try manually editing authorizers.xml and > login-identity-providers.xml, changing "aes/gcm/256" to just "aes/gcm"? > > The protection scheme resolver should match the standard value, but there > may be a problem with the comparison of encryption scheme names. Changing > the "encryption" attribute value to "aes/gcm" may work around the problem, > but it sounds like this may need to be addressed in a Jira issue. > > Regards, > David Handermann > > On Wed, May 4, 2022 at 11:22 AM sanjeet rath > wrote: > >> Hi Isha, >> >> We are using same java instalation. >> >> Our java version is open idk 11. >> >> In the same system only we are able to encrypt aes/gcm/256 for our old >> 1.12.1 nifi version. >> >> Thanks, >> Sanjeet >> >> >> On Wed, 4 May 2022 at 8:40 PM, Isha Lamboo < >> isha.lam...@virtualsciences.nl> wrote: >> >>> Hi Sanjeeth, >>> >>> >>> >>> Are you performing the toolkit encryption using the same java >>> installation that’s running the NiFi server? >>> >>> >>> >>> If not, you may be running into problems because of encryption >>> limitations on the java version on your NiFi server. >>> >>> I think AES256 needs the “Unlimited Strength Encryption” policy and that >>> may not be enabled (or even allowed to be enabled in your country). >>> >>> >>> >>> If you run the toolkit with the same java installation as the server, >>> you can verify this. It should either use aes/gcm/128 or give the same >>> error if it tries to use aes/gcm/256. >>> >>> >>> >>> Another thing to check is whether you’re using Java 8-251 or newer as >>> the migration guidance states. >>> >>> >>> >>> Regards, >>> >>> >>> >>> Isha >>> >>> >>> >>> >>> >>> *Van:* sanjeet rath >>> *Verzonden:* woensdag 4 mei 2022 17:09 >>> *Aan:* users@nifi.apache.org >>> *Onderwerp:* Re: Nifi 1.16.1 migration failed for encrypted of >>> sensitive values >>> >>> >>> >>> Thanks Pierre for the quick response. I have followed the same doc and >>> this is the 3rd version upgrade I am doing for nifi. >>> >>> >>> >>> Actually if u see the last line of the error it looks like aes/gcm/256 >>> is not supported. >>> >>> >>> >>> So if you could point something I am doing wrong for this specific >>> 1.16.1 version then it would be really helpful for me. >>> >>> >>> >>> Thanks, >>> >>> Sanjeet >>> >>> >>> >>> >>> >>> >>> >>> On Wed, 4 May 2022 at 8:20 PM, Pierre Villard < >>> pierre.villard...@gmail.com> wrote: >>> >>> Hi, >>> >>> >>> >>> I recommend reading the migration guidance documentation: >>> >>> https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance >>> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcwiki.apache.org%2Fconfluence%2Fdisplay%2FNIFI%2FMigration%2BGuidance=05%7C01%7Cisha.lamboo%40virtualsciences.nl%7Ca6cf25040df64db1d3c908da2de0058f%7C21429da9e4ad45f99a6fcd126a64274b%7C0%7C0%7C637872737450174797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=GMsVs2HdwuGzny9ty2yfXgr0593suh0l1ULuErpvWlw%3D=0> >>> >>> >>> >>> HTH, >>> >>> Pierre >>> >>> >>> >>> Le mer. 4 mai 2022 à 16:46, sanjeet rath a >>> écrit : >>> >>> Hi , >>> >>> >>> >>> I am facing one issue in migration from 1.12 to 1.16.1 . >>> >>> I have created one 1.16.1 cluster.And copied flow.xml , authoriser and >>> authorisation user file my previous 1.12 version of cluster to this new >>> cluster. >>> >>> >>> >>> When I am starting the cluster with all the keystone password in >>> authoriser and loginidentifer and nifi sensitive key value unencrypted in >>> nifi properties file. Then cluster came without any issue. >>> >>> >>> >>> When I am encrypting using keytool , all the properties are succefully >>> encrypted. How ever while starting the cluster getting one error >>> >>> >>> >>> Error in creating bean with name ‘authoriser’ factory bean threw >>> exception on object creation nested exception is org.apache.nifi.project. >>> Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is >>> not supported. >>> >>> >>> >>> Any hint is really helpful as trying from last 2 days. >>> >>> >>> >>> Thanks and regards >>> >>> Sanjeet >>> >>> >>> >>> >>> >>> >>> >>> >>> >>> -- >>> >>> Sanjeet Kumar Rath, >>> mob- +91 8777577470 >>> >>> -- >>> >>> Sanjeet Kumar Rath, >>> mob- +91 8777577470 >>> >> -- >> Sanjeet Kumar Rath, >> mob- +91 8777577470 >> >>
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Hi Sanjeet, Reviewing the implementation related to the error message you provided, it looks like this could be a bug with decrypting values in authorizers.xml. As a workaround, can you try manually editing authorizers.xml and login-identity-providers.xml, changing "aes/gcm/256" to just "aes/gcm"? The protection scheme resolver should match the standard value, but there may be a problem with the comparison of encryption scheme names. Changing the "encryption" attribute value to "aes/gcm" may work around the problem, but it sounds like this may need to be addressed in a Jira issue. Regards, David Handermann On Wed, May 4, 2022 at 11:22 AM sanjeet rath wrote: > Hi Isha, > > We are using same java instalation. > > Our java version is open idk 11. > > In the same system only we are able to encrypt aes/gcm/256 for our old > 1.12.1 nifi version. > > Thanks, > Sanjeet > > > On Wed, 4 May 2022 at 8:40 PM, Isha Lamboo > wrote: > >> Hi Sanjeeth, >> >> >> >> Are you performing the toolkit encryption using the same java >> installation that’s running the NiFi server? >> >> >> >> If not, you may be running into problems because of encryption >> limitations on the java version on your NiFi server. >> >> I think AES256 needs the “Unlimited Strength Encryption” policy and that >> may not be enabled (or even allowed to be enabled in your country). >> >> >> >> If you run the toolkit with the same java installation as the server, you >> can verify this. It should either use aes/gcm/128 or give the same error if >> it tries to use aes/gcm/256. >> >> >> >> Another thing to check is whether you’re using Java 8-251 or newer as the >> migration guidance states. >> >> >> >> Regards, >> >> >> >> Isha >> >> >> >> >> >> *Van:* sanjeet rath >> *Verzonden:* woensdag 4 mei 2022 17:09 >> *Aan:* users@nifi.apache.org >> *Onderwerp:* Re: Nifi 1.16.1 migration failed for encrypted of sensitive >> values >> >> >> >> Thanks Pierre for the quick response. I have followed the same doc and >> this is the 3rd version upgrade I am doing for nifi. >> >> >> >> Actually if u see the last line of the error it looks like aes/gcm/256 is >> not supported. >> >> >> >> So if you could point something I am doing wrong for this specific 1.16.1 >> version then it would be really helpful for me. >> >> >> >> Thanks, >> >> Sanjeet >> >> >> >> >> >> >> >> On Wed, 4 May 2022 at 8:20 PM, Pierre Villard < >> pierre.villard...@gmail.com> wrote: >> >> Hi, >> >> >> >> I recommend reading the migration guidance documentation: >> >> https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance >> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcwiki.apache.org%2Fconfluence%2Fdisplay%2FNIFI%2FMigration%2BGuidance=05%7C01%7Cisha.lamboo%40virtualsciences.nl%7Ca6cf25040df64db1d3c908da2de0058f%7C21429da9e4ad45f99a6fcd126a64274b%7C0%7C0%7C637872737450174797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=GMsVs2HdwuGzny9ty2yfXgr0593suh0l1ULuErpvWlw%3D=0> >> >> >> >> HTH, >> >> Pierre >> >> >> >> Le mer. 4 mai 2022 à 16:46, sanjeet rath a >> écrit : >> >> Hi , >> >> >> >> I am facing one issue in migration from 1.12 to 1.16.1 . >> >> I have created one 1.16.1 cluster.And copied flow.xml , authoriser and >> authorisation user file my previous 1.12 version of cluster to this new >> cluster. >> >> >> >> When I am starting the cluster with all the keystone password in >> authoriser and loginidentifer and nifi sensitive key value unencrypted in >> nifi properties file. Then cluster came without any issue. >> >> >> >> When I am encrypting using keytool , all the properties are succefully >> encrypted. How ever while starting the cluster getting one error >> >> >> >> Error in creating bean with name ‘authoriser’ factory bean threw >> exception on object creation nested exception is org.apache.nifi.project. >> Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is >> not supported. >> >> >> >> Any hint is really helpful as trying from last 2 days. >> >> >> >> Thanks and regards >> >> Sanjeet >> >> >> >> >> >> >> >> >> >> -- >> >> Sanjeet Kumar Rath, >> mob- +91 8777577470 >> >> -- >> >> Sanjeet Kumar Rath, >> mob- +91 8777577470 >> > -- > Sanjeet Kumar Rath, > mob- +91 8777577470 > >
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Hi Isha, We are using same java instalation. Our java version is open idk 11. In the same system only we are able to encrypt aes/gcm/256 for our old 1.12.1 nifi version. Thanks, Sanjeet On Wed, 4 May 2022 at 8:40 PM, Isha Lamboo wrote: > Hi Sanjeeth, > > > > Are you performing the toolkit encryption using the same java installation > that’s running the NiFi server? > > > > If not, you may be running into problems because of encryption limitations > on the java version on your NiFi server. > > I think AES256 needs the “Unlimited Strength Encryption” policy and that > may not be enabled (or even allowed to be enabled in your country). > > > > If you run the toolkit with the same java installation as the server, you > can verify this. It should either use aes/gcm/128 or give the same error if > it tries to use aes/gcm/256. > > > > Another thing to check is whether you’re using Java 8-251 or newer as the > migration guidance states. > > > > Regards, > > > > Isha > > > > > > *Van:* sanjeet rath > *Verzonden:* woensdag 4 mei 2022 17:09 > *Aan:* users@nifi.apache.org > *Onderwerp:* Re: Nifi 1.16.1 migration failed for encrypted of sensitive > values > > > > Thanks Pierre for the quick response. I have followed the same doc and > this is the 3rd version upgrade I am doing for nifi. > > > > Actually if u see the last line of the error it looks like aes/gcm/256 is > not supported. > > > > So if you could point something I am doing wrong for this specific 1.16.1 > version then it would be really helpful for me. > > > > Thanks, > > Sanjeet > > > > > > > > On Wed, 4 May 2022 at 8:20 PM, Pierre Villard > wrote: > > Hi, > > > > I recommend reading the migration guidance documentation: > > https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance > <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcwiki.apache.org%2Fconfluence%2Fdisplay%2FNIFI%2FMigration%2BGuidance=05%7C01%7Cisha.lamboo%40virtualsciences.nl%7Ca6cf25040df64db1d3c908da2de0058f%7C21429da9e4ad45f99a6fcd126a64274b%7C0%7C0%7C637872737450174797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=GMsVs2HdwuGzny9ty2yfXgr0593suh0l1ULuErpvWlw%3D=0> > > > > HTH, > > Pierre > > > > Le mer. 4 mai 2022 à 16:46, sanjeet rath a > écrit : > > Hi , > > > > I am facing one issue in migration from 1.12 to 1.16.1 . > > I have created one 1.16.1 cluster.And copied flow.xml , authoriser and > authorisation user file my previous 1.12 version of cluster to this new > cluster. > > > > When I am starting the cluster with all the keystone password in > authoriser and loginidentifer and nifi sensitive key value unencrypted in > nifi properties file. Then cluster came without any issue. > > > > When I am encrypting using keytool , all the properties are succefully > encrypted. How ever while starting the cluster getting one error > > > > Error in creating bean with name ‘authoriser’ factory bean threw exception > on object creation nested exception is org.apache.nifi.project. > Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is > not supported. > > > > Any hint is really helpful as trying from last 2 days. > > > > Thanks and regards > > Sanjeet > > > > > > > > > > -- > > Sanjeet Kumar Rath, > mob- +91 8777577470 > > -- > > Sanjeet Kumar Rath, > mob- +91 8777577470 > -- Sanjeet Kumar Rath, mob- +91 8777577470
RE: Nifi 1.16.1 migration failed for encrypted of sensitive values
Hi Sanjeeth, Are you performing the toolkit encryption using the same java installation that’s running the NiFi server? If not, you may be running into problems because of encryption limitations on the java version on your NiFi server. I think AES256 needs the “Unlimited Strength Encryption” policy and that may not be enabled (or even allowed to be enabled in your country). If you run the toolkit with the same java installation as the server, you can verify this. It should either use aes/gcm/128 or give the same error if it tries to use aes/gcm/256. Another thing to check is whether you’re using Java 8-251 or newer as the migration guidance states. Regards, Isha Van: sanjeet rath Verzonden: woensdag 4 mei 2022 17:09 Aan: users@nifi.apache.org Onderwerp: Re: Nifi 1.16.1 migration failed for encrypted of sensitive values Thanks Pierre for the quick response. I have followed the same doc and this is the 3rd version upgrade I am doing for nifi. Actually if u see the last line of the error it looks like aes/gcm/256 is not supported. So if you could point something I am doing wrong for this specific 1.16.1 version then it would be really helpful for me. Thanks, Sanjeet On Wed, 4 May 2022 at 8:20 PM, Pierre Villard mailto:pierre.villard...@gmail.com>> wrote: Hi, I recommend reading the migration guidance documentation: https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance<https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fcwiki.apache.org%2Fconfluence%2Fdisplay%2FNIFI%2FMigration%2BGuidance=05%7C01%7Cisha.lamboo%40virtualsciences.nl%7Ca6cf25040df64db1d3c908da2de0058f%7C21429da9e4ad45f99a6fcd126a64274b%7C0%7C0%7C637872737450174797%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C=GMsVs2HdwuGzny9ty2yfXgr0593suh0l1ULuErpvWlw%3D=0> HTH, Pierre Le mer. 4 mai 2022 à 16:46, sanjeet rath mailto:rath.sanj...@gmail.com>> a écrit : Hi , I am facing one issue in migration from 1.12 to 1.16.1 . I have created one 1.16.1 cluster.And copied flow.xml , authoriser and authorisation user file my previous 1.12 version of cluster to this new cluster. When I am starting the cluster with all the keystone password in authoriser and loginidentifer and nifi sensitive key value unencrypted in nifi properties file. Then cluster came without any issue. When I am encrypting using keytool , all the properties are succefully encrypted. How ever while starting the cluster getting one error Error in creating bean with name ‘authoriser’ factory bean threw exception on object creation nested exception is org.apache.nifi.project. Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is not supported. Any hint is really helpful as trying from last 2 days. Thanks and regards Sanjeet -- Sanjeet Kumar Rath, mob- +91 8777577470 -- Sanjeet Kumar Rath, mob- +91 8777577470
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Thanks Pierre for the quick response. I have followed the same doc and this is the 3rd version upgrade I am doing for nifi. Actually if u see the last line of the error it looks like aes/gcm/256 is not supported. So if you could point something I am doing wrong for this specific 1.16.1 version then it would be really helpful for me. Thanks, Sanjeet On Wed, 4 May 2022 at 8:20 PM, Pierre Villard wrote: > Hi, > > I recommend reading the migration guidance documentation: > https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance > > HTH, > Pierre > > Le mer. 4 mai 2022 à 16:46, sanjeet rath a > écrit : > >> Hi , >> >> I am facing one issue in migration from 1.12 to 1.16.1 . >> I have created one 1.16.1 cluster.And copied flow.xml , authoriser and >> authorisation user file my previous 1.12 version of cluster to this new >> cluster. >> >> When I am starting the cluster with all the keystone password in >> authoriser and loginidentifer and nifi sensitive key value unencrypted in >> nifi properties file. Then cluster came without any issue. >> >> When I am encrypting using keytool , all the properties are succefully >> encrypted. How ever while starting the cluster getting one error >> >> Error in creating bean with name ‘authoriser’ factory bean threw >> exception on object creation nested exception is org.apache.nifi.project. >> Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is >> not supported. >> >> Any hint is really helpful as trying from last 2 days. >> >> Thanks and regards >> Sanjeet >> >> >> >> >> -- >> Sanjeet Kumar Rath, >> mob- +91 8777577470 >> >> -- Sanjeet Kumar Rath, mob- +91 8777577470
Re: Nifi 1.16.1 migration failed for encrypted of sensitive values
Hi, I recommend reading the migration guidance documentation: https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance HTH, Pierre Le mer. 4 mai 2022 à 16:46, sanjeet rath a écrit : > Hi , > > I am facing one issue in migration from 1.12 to 1.16.1 . > I have created one 1.16.1 cluster.And copied flow.xml , authoriser and > authorisation user file my previous 1.12 version of cluster to this new > cluster. > > When I am starting the cluster with all the keystone password in > authoriser and loginidentifer and nifi sensitive key value unencrypted in > nifi properties file. Then cluster came without any issue. > > When I am encrypting using keytool , all the properties are succefully > encrypted. How ever while starting the cluster getting one error > > Error in creating bean with name ‘authoriser’ factory bean threw exception > on object creation nested exception is org.apache.nifi.project. > Senstivepropertyprotectionexception: protection scheme [aes/gcm/256] is > not supported. > > Any hint is really helpful as trying from last 2 days. > > Thanks and regards > Sanjeet > > > > > -- > Sanjeet Kumar Rath, > mob- +91 8777577470 > >