Indeed it looks like someone else has run into this:
https://stackoverflow.com/questions/77615582/apache-nifi-2-x-org-eclipse-jetty-http-badmessageexception-400-invalid-sni
On Wed, Dec 6, 2023 at 10:05 PM Adam Taft <a...@adamtaft.com> wrote:
> David,
>
> Any chance that the Jetty SNI related information could also end up in the
> migration guide? I suspect that both of these issues are going to be
> frequently asked as folks evaluate NiFi 2.0 (especially with a 1.x
> migration).
>
> Thanks for holding everyone's hand here. Much appreciated!
>
> /Adam
>
>
> On Fri, Dec 1, 2023 at 5:45 AM David Handermann <
> exceptionfact...@apache.org> wrote:
>
>> Ben,
>>
>> Thanks for the additional details on the HTTP 400 Invalid SNI error.
>>
>> Jetty 10, which is included with NiFi 2.0.0-M1, incorporates updates to
>> the Server Name Indication processing during the TLS handshake. As a result
>> of these changes, the default behavior does not support accessing NiFi
>> using an IP address. Using a hostname or DNS name will avoid the SNI error
>> and allow standard TLS negotiation to work.
>>
>> Regards,
>> David Handermann
>>
>> On Thu, Nov 30, 2023 at 12:07 AM Ben .T.George <bentech4...@gmail.com>
>> wrote:
>>
>>> HI,
>>>
>>> Thanks for the update, i have changed and started the process, now the
>>> port 8443 is listening , i cannot able to access web url. while i am trying
>>> , i am getting below error on browser:
>>>
>>> HTTP ERROR 400 Invalid SNI
>>> URI: /nifi
>>> STATUS: 400
>>> MESSAGE: Invalid SNI
>>> SERVLET: -
>>> CAUSED BY: org.eclipse.jetty.http.BadMessageException: 400: Invalid
>>> SNICaused
>>> by:
>>>
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> at
>>> org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:266)
>>> at
>>> org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:207)
>>> at
>>> org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1594)
>>> at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
>>> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
>>> at org.eclipse.jetty.server.HttpChannel.run(HttpChannel.java:461)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.produce(AdaptiveExecutionStrategy.java:193)
>>> at
>>> org.eclipse.jetty.http2.HTTP2Connection.produce(HTTP2Connection.java:208)
>>> at
>>> org.eclipse.jetty.http2.HTTP2Connection.onFillable(HTTP2Connection.java:155)
>>> at
>>> org.eclipse.jetty.http2.HTTP2Connection$FillableCallback.succeeded(HTTP2Connection.java:450)
>>> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
>>> at
>>> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
>>> at
>>> org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
>>> at
>>> org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
>>> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
>>> at
>>> org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
>>> at
>>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
>>> at
>>> org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
>>> at
>>> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
>>> at
>>> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
>>> at
>>> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
>>> at java.base/java.lang.Thread.run(Thread.java:1583)
>>>
>>>
>>> and from app.log:
>>>
>>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController
>>> Starting 0 Stateless Process Groups
>>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController
>>> Starting 0 processors/ports/funnels
>>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController
>>> Started 0 Remote Group Ports transmitting
>>> 2023-11-30 09:03:26,007 INFO [main]
>>> o.a.n.w.c.ApplicationStartupContextListener Flow Controller started
>>> successfully.
>>> 2023-11-30 09:03:26,661 WARN [Framework Task Thread-1]
>>> o.g.j.message.internal.MessagingBinders A class
>>> jakarta.activation.DataSource for a default provider
>>> MessageBodyWriter<jakarta.activation.DataSource> was not found. The
>>> provider is not available.
>>> 2023-11-30 09:03:26,845 ERROR [Framework Task Thread-1]
>>> o.a.nifi.groups.StandardProcessGroup Failed to synchronize
>>> StandardProcessGroup[identifier=88190e51-0181-1000-4f4e-613c302a50e7,name=SFTP
>>> Transfer] with Flow Registry because could not retrieve version 1 of flow
>>> with identifier 02872797-5baa-4ddb-b29e-023b441aec31 in bucket
>>> 041aab9c-f47a-4ae2-a264-8160d84a9874 due to: Connection refused
>>> 2023-11-30 09:03:29,761 INFO [main] o.e.jetty.server.handler.ContextHandler
>>> Started
>>> o.e.j.w.WebAppContext@5700c9db{nifi-api,/nifi-api,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-api-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-api-2.0.0-M1.war}
>>> 2023-11-30 09:03:30,102 INFO [main] o.e.j.s.h.C._nifi_content_viewer No
>>> Spring WebApplicationInitializer types detected on classpath
>>> 2023-11-30 09:03:30,171 INFO [main] o.e.jetty.server.handler.ContextHandler
>>> Started
>>> o.e.j.w.WebAppContext@671d03bb{nifi-content-viewer,/nifi-content-viewer,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-content-viewer-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-content-viewer-2.0.0-M1.war}
>>> 2023-11-30 09:03:30,280 INFO [main] o.e.j.s.h.ContextHandler._nifi_docs No
>>> Spring WebApplicationInitializer types detected on classpath
>>> 2023-11-30 09:03:30,285 INFO [main] o.e.jetty.server.handler.ContextHandler
>>> Started
>>> o.e.j.w.WebAppContext@6babffb5{nifi-docs,/nifi-docs,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-docs-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-docs-2.0.0-M1.war}
>>> 2023-11-30 09:03:30,336 INFO [main] o.e.j.server.handler.ContextHandler._
>>> No Spring WebApplicationInitializer types detected on classpath
>>> 2023-11-30 09:03:30,384 INFO [main] o.e.jetty.server.handler.ContextHandler
>>> Started
>>> o.e.j.w.WebAppContext@2173a742{nifi-error,/,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-error-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-error-2.0.0-M1.war}
>>> 2023-11-30 09:03:30,405 INFO [main]
>>> o.eclipse.jetty.server.AbstractConnector Started
>>> ServerConnector@3d24420b{SSL, (ssl, alpn, h2, http/1.1)}{0.0.0.0:8443}
>>> 2023-11-30 09:03:30,410 INFO [main] org.eclipse.jetty.server.Server Started
>>> Server@1320e68a{STARTING}[10.0.18,sto=0] @23422ms
>>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer
>>> NiFi has started. The UI is available at the following URLs:
>>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer
>>> https://10.151.4.53:8443/nifi
>>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer
>>> https://10.88.0.1:8443/nifi
>>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer
>>> https://127.0.0.1:8443/nifi
>>> 2023-11-30 09:03:30,456 INFO [main] org.apache.nifi.BootstrapListener
>>> Successfully initiated communication with Bootstrap
>>> 2023-11-30 09:03:30,457 INFO [main] org.apache.nifi.NiFi Started
>>> Application Controller in 17.504 seconds (17504103649 ns)
>>> 2023-11-30 09:03:30,898 ERROR [Timer-Driven Process Thread-2]
>>> o.a.nifi.groups.StandardProcessGroup Failed to synchronize
>>> StandardProcessGroup[identifier=88190e51-0181-1000-4f4e-613c302a50e7,name=SFTP
>>> Transfer] with Flow Registry because could not retrieve version 1 of flow
>>> with identifier 02872797-5baa-4ddb-b29e-023b441aec31 in bucket
>>> 041aab9c-f47a-4ae2-a264-8160d84a9874 due to: Connection refused
>>> 2023-11-30 09:03:45,864 INFO [Checkpoint FlowFile Repository]
>>> o.a.n.c.r.WriteAheadFlowFileRepository Initiating checkpoint of FlowFile
>>> Repository
>>> 2023-11-30 09:03:45,864 INFO [Checkpoint FlowFile Repository]
>>> o.a.n.c.r.WriteAheadFlowFileRepository Successfully checkpointed FlowFile
>>> Repository with 0 records in 0 milliseconds
>>> 2023-11-30 09:03:51,500 WARN [NiFi Web Server-36]
>>> org.eclipse.jetty.server.HttpChannel handleException /nifi/
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:03:51,561 WARN [NiFi Web Server-35]
>>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:03:57,711 WARN [NiFi Web Server-36]
>>> org.eclipse.jetty.server.HttpChannel handleException /nifi/
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:03:57,741 WARN [NiFi Web Server-36]
>>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:04:05,865 INFO [Checkpoint FlowFile Repository]
>>> o.a.n.c.r.WriteAheadFlowFileRepository Initiating checkpoint of FlowFile
>>> Repository
>>> 2023-11-30 09:04:05,865 INFO [Checkpoint FlowFile Repository]
>>> o.a.n.c.r.WriteAheadFlowFileRepository Successfully checkpointed FlowFile
>>> Repository with 0 records in 0 milliseconds
>>> 2023-11-30 09:04:19,583 WARN [NiFi Web Server-35]
>>> org.eclipse.jetty.server.HttpChannel handleException /nifi
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:04:19,626 WARN [NiFi Web Server-35]
>>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico
>>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI
>>> 2023-11-30 09:04:21,357 INFO [Cleanup Archive for default]
>>> o.a.n.c.repository.FileSystemRepository Successfully deleted 0 files (0
>>> bytes) from archive
>>> 2023-11-30 09:04:21,360 INFO [Cleanup Archive for default]
>>> o.a.n.c.repository.FileSystemRepository Archive cleanup completed for
>>> container default; will now allow writing to this container. Bytes used =
>>> 49.6 GB, bytes free = 5.2 GB, capacity = 54.8 GB
>>>
>>>
>>> regards,
>>>
>>> Ben
>>>
>>>
>>>
>>>
>>>
>>> On Thu, Nov 30, 2023 at 8:58 AM David Handermann <
>>> exceptionfact...@apache.org> wrote:
>>>
>>>> Ben,
>>>>
>>>> Thanks for following up and providing the configuration files.
>>>>
>>>> The difference is subtle, but the property name of
>>>> nifi.flow.configuration.json.file needs to be changed to
>>>> nifi.flow.configuration.file, removing the json element from the property
>>>> name, and the leaving the value as it stands.
>>>>
>>>> Regards,
>>>> David Handerman
>>>>
>>>> On Wed, Nov 29, 2023, 11:51 PM Ben .T.George <bentech4...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I have tried disabling xml flow and still Nifi is not starting,
>>>>>
>>>>> here is the details:
>>>>> nifi-app.log : https://pastebin.com/TKtFDYtt
>>>>> nifi-bootstrap.log : https://pastebin.com/XrMcV3qs
>>>>>
>>>>> and my configuration:
>>>>> nifi.properties : https://pastebin.com/LeRMf9CS
>>>>>
>>>>> Regards
>>>>> Ben
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Nov 30, 2023 at 8:28 AM Ben .T.George <bentech4...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> HI,
>>>>>>
>>>>>> Thanks for the update, I will try to do it in that way.
>>>>>>
>>>>>> regards,
>>>>>> Ben
>>>>>>
>>>>>> On Wed, Nov 29, 2023 at 6:31 PM David Handermann <
>>>>>> exceptionfact...@apache.org> wrote:
>>>>>>
>>>>>>> Ben,
>>>>>>>
>>>>>>> Thanks for summarizing the problem and providing the error log
>>>>>>> output.
>>>>>>>
>>>>>>> With the removal of the XML-based flow configuration in NiFi
>>>>>>> 2.0.0-M1,
>>>>>>> nifi.properties now needs to reference the JSON-based configuration.
>>>>>>>
>>>>>>> The nifi.flow.configuration.file property in nifi.properties should
>>>>>>> reference flow.json.gz instead of flow.xml.gz.
>>>>>>>
>>>>>>> At minimum, this looks like something we should improve in terms of
>>>>>>> error handling, or potentially make the upgrade more seamless.
>>>>>>>
>>>>>>> For the moment, I have updated the Migration Guidance page [1] to
>>>>>>> note
>>>>>>> the need to change the configuration property.
>>>>>>>
>>>>>>> If you run into any other upgrade issues, please pass along the
>>>>>>> details.
>>>>>>>
>>>>>>> Regards,
>>>>>>> David Handermann
>>>>>>>
>>>>>>> [1]
>>>>>>> https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance
>>>>>>>
>>>>>>> On Tue, Nov 28, 2023 at 4:12 AM Ben .T.George <bentech4...@gmail.com>
>>>>>>> wrote:
>>>>>>> >
>>>>>>> > HI,
>>>>>>> >
>>>>>>> > How can I upgrade from 1.24.0 to 2.0.0-M1.
>>>>>>> >
>>>>>>> > I did the same pedicure like i did before to upgrade to 1.24.0,
>>>>>>> which is not worked it seems and NiFi is not starting,
>>>>>>> >
>>>>>>> > from bootstrap logs:
>>>>>>> > 2023-11-28 12:59:32,762 INFO [NiFi Bootstrap Command Listener]
>>>>>>> org.apache.nifi.bootstrap.RunNiFi Apache NiFi now running and listening
>>>>>>> for
>>>>>>> Bootstrap requests on port 40771
>>>>>>> > 2023-11-28 12:59:45,273 ERROR [NiFi logging handler]
>>>>>>> org.apache.nifi.StdErr Failed to start web server: Error creating bean
>>>>>>> with
>>>>>>> name 'niFiWebApiConfiguration': BeanPostProcessor before instantiation
>>>>>>> of
>>>>>>> bean failed; nested exception is
>>>>>>> org.springframework.beans.factory.UnsatisfiedDependencyException: Error
>>>>>>> creating bean with name
>>>>>>> 'org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration':
>>>>>>> Unsatisfied dependency expressed through constructor parameter 0; nested
>>>>>>> exception is
>>>>>>> org.springframework.beans.factory.UnsatisfiedDependencyException: Error
>>>>>>> creating bean with name
>>>>>>> 'org.apache.nifi.web.security.configuration.AuthenticationSecurityConfiguration':
>>>>>>> Unsatisfied dependency expressed through constructor parameter 2; nested
>>>>>>> exception is org.springframework.beans.factory.BeanCreationException:
>>>>>>> Error
>>>>>>> creating bean with name 'authorizer': FactoryBean threw exception on
>>>>>>> object
>>>>>>> creation; nested exception is
>>>>>>> org.apache.nifi.controller.serialization.FlowSerializationException:
>>>>>>> Could
>>>>>>> not parse flow as a VersionedDataflow
>>>>>>> > 2023-11-28 12:59:45,273 ERROR [NiFi logging handler]
>>>>>>> org.apache.nifi.StdErr Shutting down...
>>>>>>> > 2023-11-28 12:59:45,955 INFO [main]
>>>>>>> org.apache.nifi.bootstrap.RunNiFi NiFi never started. Will not restart
>>>>>>> NiFi
>>>>>>> >
>>>>>>> >
>>>>>>> > and app.log:
>>>>>>> > https://pastebin.com/R4dGaPmY
>>>>>>> >
>>>>>>> > Thanks & Regards,
>>>>>>> > Ben
>>>>>>> >
>>>>>>> >
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Yours Sincerely
>>>>>> Ben.T.George
>>>>>>
>>>>>> *" Live like you will die tomorrow, learn like you will live forever
>>>>>> "*
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Yours Sincerely
>>>>> Ben.T.George
>>>>>
>>>>> *" Live like you will die tomorrow, learn like you will live forever "*
>>>>>
>>>>
>>>
>>> --
>>> Yours Sincerely
>>> Ben.T.George
>>>
>>> *" Live like you will die tomorrow, learn like you will live forever "*
>>>
>>
