search

Orange-OpenSource / nifikop

The NiFiKop NiFi Kubernetes operator makes it easy to run Apache NiFi on Kubernetes. Apache NiFI is a free, open-source solution that support powerful and scalable directed graphs of data routing, transformation, and system mediation logic.
https://orange-opensource.github.io/nifikop/
Apache License 2.0
128 stars 34 forks source link

SSL access for api user support #159

Open riccardo-salamanna opened 2 years ago

riccardo-salamanna commented 2 years ago

Type of question

SSL access for api user support

Question

Our cluster is currently configured to have authentication via OIDC and it works fine but we would like to have a user for api access, authenticating via certificates. We followed the steps listed at https://orange-opensource.github.io/nifikop/docs/3_tasks/2_security/1_ssl#create-ssl-credentials, extrated the cert but we are still not able to authenticate with the provisioned user and the certificates that have been generated. Is there any step missing? thanks

Environment Environment

nifikop version: 0.7.1

Kubernetes version information: 1.19

Kubernetes cluster kind: EKS

NiFi version: 1.13.2

solomonope commented 2 years ago

@riccardo-salamanna please how did you get OIDC to work we are having the same issues with cert credentials

riccardo-salamanna commented 2 years ago

Well i followed the documentation on both nifi and nifikop to a T and oidc works amazing. What i was never able to do is to authenticate with a "standard" user (certificate)

https://medium.com/@alexandreguitton_12701/secured-nifi-cluster-with-nifikop-on-the-google-cloud-platform-3f7f84e363ed - this is pretty clear :)