We have a secure NiFi and NiFi Registry running with OIDC authentication,
version 1.23.0.
Both NiFi and Registry authentication are working through OIDC; however, when we
try to start version control there are no available buckets.
Also, if we try to import from the bucket when creating a process group, all the
buckets are available.


The tls-toolkit was used to create the keystore/truststore and the certs.
The SSL cert from nifi registry keystore has been added to the nifi's 
truststore.
The cert was added to our browser as well.

All values in the nifi-registry.properties files for the keystore and
truststore have been updated to the correct values, i.e. type, passwords and
where to find the stores.


The authorizations.xml file has been modified in 2 places to add the DN.

User group provider
<property name="Initial User Identity 1">CN=nifi_sysadm,OU=3M</property>

Access policy
<property name="Initial Admin Identity">CN=nifi_sysadm,OU=3M</property>

I did not use a space after the comma in my DN when using tls-toolkit to create
the certificate. I read where someone pointed that out, so I used the exact same
string when I set up the user in the registry.


Permissions to the buckets and users are shown below


The user has all permissions on the bucket policy as well.



Logs show nothing and registry client setup shows no errors.  Any help would be 
appreciated.


Thanks



Mark Moore | Business Intelligence
3M Health Information Systems
Franklin, TN 37067 | United States
Office: +1 651 732 2034
[email protected]


