Cloudera Docs

Inbound connections

On the Inbound Connections tab you can reassign and renew the certifacates of inbound connections.

Renewing the certificate for an inbound connection endpoint

If you need to replace an X.509 certificate for an inbound connection endpoint before it expires, you can do so manually.

You need DFFlowAdmin privilege to perform this action.
  1. Select the Inbound Connection that you want to manage.
  2. Click Renew.
    • To renew the server certificate, select NiFi Inbound SSL Context Service.
    • To renew the client certificate, select Client SSL Context.
    • If you leave Revoke previously issued client certificates unchecked, existing client certificates remain valid and existing clients can continue to connect to your deployment using it. By selecting the Revoke previously issued client certificates option, you invalidate all existing certificates and you will need to add the new certificate to existing clients so that they can keep connecting to your Cloudera DataFlow deployment.
  3. Click Renew & Restart.
    The UI switches to the KPIs and Alerts pane where you can monitor as your deployment restarts and the new certificate or certificates become available.
If you have renewed the NiFi Inbound SSL Context Service:
You have to take no further action.
If you have renewed the Client SSL Context:
After your Cloudera DataFlow deployment has restarted, you switch to the NiFi Configuration pane to download the Client Certificate and the Client Private Key. You can then add these to your client.

Reassigning an inbound connection endpoint to a different project

Learn how to reassign an inbound connection to another project.

  • Make sure that you have DFDeveloper permission to perform this task. For information on account and resource roles, see Cloudera DataFlow Authorization.

You cannot reassign an inbound connection that is currently used by a deployment. You have to terminate the deployment using it making sure that the Delete assigned endpoint hostname option is not selected before you can reassign it to a different project.

  1. Select the Inbound Connection that you want to reassign.
  2. Click Reassign.
    If the inbound connection is not used by any deployment, the Reassign Resource modal opens.
  3. Select a Project and click Reassign.
  4. Click Apply Changes.