You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "John Wise (Jira)" <ji...@apache.org> on 2022/11/30 14:42:00 UTC
[jira] [Created] (NIFI-10911) NiFi fails to start due to (likely) corrupted encrypted value(s) in flow.xml.gz
John Wise created NIFI-10911:
--------------------------------
Summary: NiFi fails to start due to (likely) corrupted encrypted value(s) in flow.xml.gz
Key: NIFI-10911
URL: https://issues.apache.org/jira/browse/NIFI-10911
Project: Apache NiFi
Issue Type: Bug
Reporter: John Wise
Over the past 2-3 weeks, a couple of our clusters have failed to start due to a decryption failure. nifi-app.log displays "{{{}o.a.n.c.serialization.FlowFromDOMFactory There was a problem decrypting a sensitive flow configuration value. Check that the nifi.sensitive.props.key value in nifi.properties matches the value used to encrypt the flow.xml.gz file{}}}"
In both cases, none of the encryption key values in {{bootstrap.conf}} and {{nifi.properties}} have changed. The issue appears to be that one, or more, of the "{{{}enc{}{}}}" values in flow.xml.gz have become corrupted.
The issue doesn't present itself until a node is restarted, at which point, NiFi continually fails to start due to the service being configured to auto-restart. Ideally, rather than just failing to start, NiFi would still complete the startup & alert the user to any decryption issues, so that they can be fixed.
In the interim, I've been removing the "{{{}enc{}{}}}" values from the flowfile, which allows NiFi to restart & give us the opportunity to manually re-enter the removed values. It's not ideal, but it does allow us to get our nodes back online.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)