Using Elasticsearch Java REST API with self signed

2019-07-17 01:22发布

I want to use the Java REST API (RestHighLevelClient) to communicate with an Elasticsearch 5.6 server over HTTPS. However, the certificate for the server is self signed and when I try to connect it throws a SSLHandshakeException.

Is there a way of configuring the REST client to accept self signed certificates?

标签： java rest elasticsearch ssl-certificate

1条回答

爷的心禁止访问

2楼-- · 2019-07-17 01:53

I got this working using a custom Java Key Store. Here's my code:

CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials(username, password));

final SSLContext sslContext = SSLContexts.custom()
        .loadTrustMaterial(new File("my_keystore.jks"), keystorePassword.toCharArray(),
            new TrustSelfSignedStrategy())
        .build();


RestClient client = RestClient.builder(new HttpHost(host, port, scheme)).setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder
        .setDefaultCredentialsProvider(credentialsProvider)
        .setSSLContext(sslContext)
).build();

To create the keystore, I downloaded the cert for the domain through Firefox, and used:

keytool -import -v -trustcacerts -file my_domain.crt -keystore my_keystore.jks -keypass password -storepass password

0人赞添加讨论(0) 举报

Using Elasticsearch Java REST API with self signed

采纳回答

编辑标签

举报内容

检举类型

检举原因

检举说明(必填)

打开微信“扫一扫”，打开网页后点击屏幕右上角分享按钮

付费偷看金额在0.1-10元之间