Indeed it looks like someone else has run into this: https://stackoverflow.com/questions/77615582/apache-nifi-2-x-org-eclipse-jetty-http-badmessageexception-400-invalid-sni
On Wed, Dec 6, 2023 at 10:05 PM Adam Taft <a...@adamtaft.com> wrote: > David, > > Any chance that the Jetty SNI related information could also end up in the > migration guide? I suspect that both of these issues are going to be > frequently asked as folks evaluate NiFi 2.0 (especially with a 1.x > migration). > > Thanks for holding everyone's hand here. Much appreciated! > > /Adam > > > On Fri, Dec 1, 2023 at 5:45 AM David Handermann < > exceptionfact...@apache.org> wrote: > >> Ben, >> >> Thanks for the additional details on the HTTP 400 Invalid SNI error. >> >> Jetty 10, which is included with NiFi 2.0.0-M1, incorporates updates to >> the Server Name Indication processing during the TLS handshake. As a result >> of these changes, the default behavior does not support accessing NiFi >> using an IP address. Using a hostname or DNS name will avoid the SNI error >> and allow standard TLS negotiation to work. >> >> Regards, >> David Handermann >> >> On Thu, Nov 30, 2023 at 12:07 AM Ben .T.George <bentech4...@gmail.com> >> wrote: >> >>> HI, >>> >>> Thanks for the update, i have changed and started the process, now the >>> port 8443 is listening , i cannot able to access web url. while i am trying >>> , i am getting below error on browser: >>> >>> HTTP ERROR 400 Invalid SNI >>> URI: /nifi >>> STATUS: 400 >>> MESSAGE: Invalid SNI >>> SERVLET: - >>> CAUSED BY: org.eclipse.jetty.http.BadMessageException: 400: Invalid >>> SNICaused >>> by: >>> >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> at >>> org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:266) >>> at >>> org.eclipse.jetty.server.SecureRequestCustomizer.customize(SecureRequestCustomizer.java:207) >>> at >>> org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1594) >>> at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753) >>> at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501) >>> at org.eclipse.jetty.server.HttpChannel.run(HttpChannel.java:461) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.produce(AdaptiveExecutionStrategy.java:193) >>> at >>> org.eclipse.jetty.http2.HTTP2Connection.produce(HTTP2Connection.java:208) >>> at >>> org.eclipse.jetty.http2.HTTP2Connection.onFillable(HTTP2Connection.java:155) >>> at >>> org.eclipse.jetty.http2.HTTP2Connection$FillableCallback.succeeded(HTTP2Connection.java:450) >>> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) >>> at >>> org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558) >>> at >>> org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379) >>> at >>> org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146) >>> at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) >>> at >>> org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) >>> at >>> org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199) >>> at >>> org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) >>> at >>> org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969) >>> at >>> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194) >>> at >>> org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149) >>> at java.base/java.lang.Thread.run(Thread.java:1583) >>> >>> >>> and from app.log: >>> >>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController >>> Starting 0 Stateless Process Groups >>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController >>> Starting 0 processors/ports/funnels >>> 2023-11-30 09:03:25,995 INFO [main] o.apache.nifi.controller.FlowController >>> Started 0 Remote Group Ports transmitting >>> 2023-11-30 09:03:26,007 INFO [main] >>> o.a.n.w.c.ApplicationStartupContextListener Flow Controller started >>> successfully. >>> 2023-11-30 09:03:26,661 WARN [Framework Task Thread-1] >>> o.g.j.message.internal.MessagingBinders A class >>> jakarta.activation.DataSource for a default provider >>> MessageBodyWriter<jakarta.activation.DataSource> was not found. The >>> provider is not available. >>> 2023-11-30 09:03:26,845 ERROR [Framework Task Thread-1] >>> o.a.nifi.groups.StandardProcessGroup Failed to synchronize >>> StandardProcessGroup[identifier=88190e51-0181-1000-4f4e-613c302a50e7,name=SFTP >>> Transfer] with Flow Registry because could not retrieve version 1 of flow >>> with identifier 02872797-5baa-4ddb-b29e-023b441aec31 in bucket >>> 041aab9c-f47a-4ae2-a264-8160d84a9874 due to: Connection refused >>> 2023-11-30 09:03:29,761 INFO [main] o.e.jetty.server.handler.ContextHandler >>> Started >>> o.e.j.w.WebAppContext@5700c9db{nifi-api,/nifi-api,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-api-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-api-2.0.0-M1.war} >>> 2023-11-30 09:03:30,102 INFO [main] o.e.j.s.h.C._nifi_content_viewer No >>> Spring WebApplicationInitializer types detected on classpath >>> 2023-11-30 09:03:30,171 INFO [main] o.e.jetty.server.handler.ContextHandler >>> Started >>> o.e.j.w.WebAppContext@671d03bb{nifi-content-viewer,/nifi-content-viewer,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-content-viewer-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-content-viewer-2.0.0-M1.war} >>> 2023-11-30 09:03:30,280 INFO [main] o.e.j.s.h.ContextHandler._nifi_docs No >>> Spring WebApplicationInitializer types detected on classpath >>> 2023-11-30 09:03:30,285 INFO [main] o.e.jetty.server.handler.ContextHandler >>> Started >>> o.e.j.w.WebAppContext@6babffb5{nifi-docs,/nifi-docs,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-docs-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-docs-2.0.0-M1.war} >>> 2023-11-30 09:03:30,336 INFO [main] o.e.j.server.handler.ContextHandler._ >>> No Spring WebApplicationInitializer types detected on classpath >>> 2023-11-30 09:03:30,384 INFO [main] o.e.jetty.server.handler.ContextHandler >>> Started >>> o.e.j.w.WebAppContext@2173a742{nifi-error,/,file:///opt/nifi-2.0.0-M1/work/jetty/nifi-web-error-2.0.0-M1.war/webapp/,AVAILABLE}{./work/nar/extensions/nifi-server-nar-2.0.0-M1.nar-unpacked/NAR-INF/bundled-dependencies/nifi-web-error-2.0.0-M1.war} >>> 2023-11-30 09:03:30,405 INFO [main] >>> o.eclipse.jetty.server.AbstractConnector Started >>> ServerConnector@3d24420b{SSL, (ssl, alpn, h2, http/1.1)}{0.0.0.0:8443} >>> 2023-11-30 09:03:30,410 INFO [main] org.eclipse.jetty.server.Server Started >>> Server@1320e68a{STARTING}[10.0.18,sto=0] @23422ms >>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer >>> NiFi has started. The UI is available at the following URLs: >>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer >>> https://10.151.4.53:8443/nifi >>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer >>> https://10.88.0.1:8443/nifi >>> 2023-11-30 09:03:30,454 INFO [main] org.apache.nifi.web.server.JettyServer >>> https://127.0.0.1:8443/nifi >>> 2023-11-30 09:03:30,456 INFO [main] org.apache.nifi.BootstrapListener >>> Successfully initiated communication with Bootstrap >>> 2023-11-30 09:03:30,457 INFO [main] org.apache.nifi.NiFi Started >>> Application Controller in 17.504 seconds (17504103649 ns) >>> 2023-11-30 09:03:30,898 ERROR [Timer-Driven Process Thread-2] >>> o.a.nifi.groups.StandardProcessGroup Failed to synchronize >>> StandardProcessGroup[identifier=88190e51-0181-1000-4f4e-613c302a50e7,name=SFTP >>> Transfer] with Flow Registry because could not retrieve version 1 of flow >>> with identifier 02872797-5baa-4ddb-b29e-023b441aec31 in bucket >>> 041aab9c-f47a-4ae2-a264-8160d84a9874 due to: Connection refused >>> 2023-11-30 09:03:45,864 INFO [Checkpoint FlowFile Repository] >>> o.a.n.c.r.WriteAheadFlowFileRepository Initiating checkpoint of FlowFile >>> Repository >>> 2023-11-30 09:03:45,864 INFO [Checkpoint FlowFile Repository] >>> o.a.n.c.r.WriteAheadFlowFileRepository Successfully checkpointed FlowFile >>> Repository with 0 records in 0 milliseconds >>> 2023-11-30 09:03:51,500 WARN [NiFi Web Server-36] >>> org.eclipse.jetty.server.HttpChannel handleException /nifi/ >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:03:51,561 WARN [NiFi Web Server-35] >>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:03:57,711 WARN [NiFi Web Server-36] >>> org.eclipse.jetty.server.HttpChannel handleException /nifi/ >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:03:57,741 WARN [NiFi Web Server-36] >>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:04:05,865 INFO [Checkpoint FlowFile Repository] >>> o.a.n.c.r.WriteAheadFlowFileRepository Initiating checkpoint of FlowFile >>> Repository >>> 2023-11-30 09:04:05,865 INFO [Checkpoint FlowFile Repository] >>> o.a.n.c.r.WriteAheadFlowFileRepository Successfully checkpointed FlowFile >>> Repository with 0 records in 0 milliseconds >>> 2023-11-30 09:04:19,583 WARN [NiFi Web Server-35] >>> org.eclipse.jetty.server.HttpChannel handleException /nifi >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:04:19,626 WARN [NiFi Web Server-35] >>> org.eclipse.jetty.server.HttpChannel handleException /favicon.ico >>> org.eclipse.jetty.http.BadMessageException: 400: Invalid SNI >>> 2023-11-30 09:04:21,357 INFO [Cleanup Archive for default] >>> o.a.n.c.repository.FileSystemRepository Successfully deleted 0 files (0 >>> bytes) from archive >>> 2023-11-30 09:04:21,360 INFO [Cleanup Archive for default] >>> o.a.n.c.repository.FileSystemRepository Archive cleanup completed for >>> container default; will now allow writing to this container. Bytes used = >>> 49.6 GB, bytes free = 5.2 GB, capacity = 54.8 GB >>> >>> >>> regards, >>> >>> Ben >>> >>> >>> >>> >>> >>> On Thu, Nov 30, 2023 at 8:58 AM David Handermann < >>> exceptionfact...@apache.org> wrote: >>> >>>> Ben, >>>> >>>> Thanks for following up and providing the configuration files. >>>> >>>> The difference is subtle, but the property name of >>>> nifi.flow.configuration.json.file needs to be changed to >>>> nifi.flow.configuration.file, removing the json element from the property >>>> name, and the leaving the value as it stands. >>>> >>>> Regards, >>>> David Handerman >>>> >>>> On Wed, Nov 29, 2023, 11:51 PM Ben .T.George <bentech4...@gmail.com> >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> I have tried disabling xml flow and still Nifi is not starting, >>>>> >>>>> here is the details: >>>>> nifi-app.log : https://pastebin.com/TKtFDYtt >>>>> nifi-bootstrap.log : https://pastebin.com/XrMcV3qs >>>>> >>>>> and my configuration: >>>>> nifi.properties : https://pastebin.com/LeRMf9CS >>>>> >>>>> Regards >>>>> Ben >>>>> >>>>> >>>>> >>>>> On Thu, Nov 30, 2023 at 8:28 AM Ben .T.George <bentech4...@gmail.com> >>>>> wrote: >>>>> >>>>>> HI, >>>>>> >>>>>> Thanks for the update, I will try to do it in that way. >>>>>> >>>>>> regards, >>>>>> Ben >>>>>> >>>>>> On Wed, Nov 29, 2023 at 6:31 PM David Handermann < >>>>>> exceptionfact...@apache.org> wrote: >>>>>> >>>>>>> Ben, >>>>>>> >>>>>>> Thanks for summarizing the problem and providing the error log >>>>>>> output. >>>>>>> >>>>>>> With the removal of the XML-based flow configuration in NiFi >>>>>>> 2.0.0-M1, >>>>>>> nifi.properties now needs to reference the JSON-based configuration. >>>>>>> >>>>>>> The nifi.flow.configuration.file property in nifi.properties should >>>>>>> reference flow.json.gz instead of flow.xml.gz. >>>>>>> >>>>>>> At minimum, this looks like something we should improve in terms of >>>>>>> error handling, or potentially make the upgrade more seamless. >>>>>>> >>>>>>> For the moment, I have updated the Migration Guidance page [1] to >>>>>>> note >>>>>>> the need to change the configuration property. >>>>>>> >>>>>>> If you run into any other upgrade issues, please pass along the >>>>>>> details. >>>>>>> >>>>>>> Regards, >>>>>>> David Handermann >>>>>>> >>>>>>> [1] >>>>>>> https://cwiki.apache.org/confluence/display/NIFI/Migration+Guidance >>>>>>> >>>>>>> On Tue, Nov 28, 2023 at 4:12 AM Ben .T.George <bentech4...@gmail.com> >>>>>>> wrote: >>>>>>> > >>>>>>> > HI, >>>>>>> > >>>>>>> > How can I upgrade from 1.24.0 to 2.0.0-M1. >>>>>>> > >>>>>>> > I did the same pedicure like i did before to upgrade to 1.24.0, >>>>>>> which is not worked it seems and NiFi is not starting, >>>>>>> > >>>>>>> > from bootstrap logs: >>>>>>> > 2023-11-28 12:59:32,762 INFO [NiFi Bootstrap Command Listener] >>>>>>> org.apache.nifi.bootstrap.RunNiFi Apache NiFi now running and listening >>>>>>> for >>>>>>> Bootstrap requests on port 40771 >>>>>>> > 2023-11-28 12:59:45,273 ERROR [NiFi logging handler] >>>>>>> org.apache.nifi.StdErr Failed to start web server: Error creating bean >>>>>>> with >>>>>>> name 'niFiWebApiConfiguration': BeanPostProcessor before instantiation >>>>>>> of >>>>>>> bean failed; nested exception is >>>>>>> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >>>>>>> creating bean with name >>>>>>> 'org.springframework.security.config.annotation.method.configuration.PrePostMethodSecurityConfiguration': >>>>>>> Unsatisfied dependency expressed through constructor parameter 0; nested >>>>>>> exception is >>>>>>> org.springframework.beans.factory.UnsatisfiedDependencyException: Error >>>>>>> creating bean with name >>>>>>> 'org.apache.nifi.web.security.configuration.AuthenticationSecurityConfiguration': >>>>>>> Unsatisfied dependency expressed through constructor parameter 2; nested >>>>>>> exception is org.springframework.beans.factory.BeanCreationException: >>>>>>> Error >>>>>>> creating bean with name 'authorizer': FactoryBean threw exception on >>>>>>> object >>>>>>> creation; nested exception is >>>>>>> org.apache.nifi.controller.serialization.FlowSerializationException: >>>>>>> Could >>>>>>> not parse flow as a VersionedDataflow >>>>>>> > 2023-11-28 12:59:45,273 ERROR [NiFi logging handler] >>>>>>> org.apache.nifi.StdErr Shutting down... >>>>>>> > 2023-11-28 12:59:45,955 INFO [main] >>>>>>> org.apache.nifi.bootstrap.RunNiFi NiFi never started. Will not restart >>>>>>> NiFi >>>>>>> > >>>>>>> > >>>>>>> > and app.log: >>>>>>> > https://pastebin.com/R4dGaPmY >>>>>>> > >>>>>>> > Thanks & Regards, >>>>>>> > Ben >>>>>>> > >>>>>>> > >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Yours Sincerely >>>>>> Ben.T.George >>>>>> >>>>>> *" Live like you will die tomorrow, learn like you will live forever >>>>>> "* >>>>>> >>>>> >>>>> >>>>> -- >>>>> Yours Sincerely >>>>> Ben.T.George >>>>> >>>>> *" Live like you will die tomorrow, learn like you will live forever "* >>>>> >>>> >>> >>> -- >>> Yours Sincerely >>> Ben.T.George >>> >>> *" Live like you will die tomorrow, learn like you will live forever "* >>> >>