Hello all,
I have installed an Elasticsearch cluster (ECK) in my Kubernetes cluster (GKE) by using this tutorial.
I retrived the CA certificat tls.crt created by my ECK. Then, I used the following command to create a truststore.jks
keytool -import -trustcacerts -alias ca_root -file tls.crt -keystore truststore.jks
PS: I am using openjdk version "1.8.0_242"
Then, I create a Kubernetes secret:
apiVersion: v1
kind: Secret
metadata:
name: elasticsearch-truststore-secret
namespace: dev
type: Opaque
data:
truststore.jks: <<content of truststore.jks in base64>>
Finally, I specified in the configuration of my spark job, the following information:
spark.es.nodes.wan.only true
spark.es.index.auto.create true
spark.es.nodes https://smart-agriculture-elasticsearch-es-http
spark.es.port 9200
spark.es.net.http.auth.user elastic
spark.es.net.http.auth.pass <<password of elastic user>>
spark.es.net.ssl true
spark.es.net.ssl.cert.allow.self.signed true
spark.es.net.ssl.truststore.location file:///etc/secrets/elasticsearch/truststore.jks
spark.es.net.ssl.truststore.pass test1234
spark.kubernetes.driver.secrets.elasticsearch-truststore-secret /etc/secrets/elasticsearch/truststore.jks
spark.kubernetes.executor.secrets.elasticsearch-truststore-secret /etc/secrets/elasticsearch/truststore.jks
I got the following error:
Caused by: java.io.IOException: Invalid keystore format at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:663) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56) at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224) at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70) at java.security.KeyStore.load(KeyStore.java:1445) at org.elasticsearch.hadoop.rest.commonshttp.SSLSocketFactory.loadKeyStore(SSLSocketFactory.java:200) at org.elasticsearch.hadoop.rest.commonshttp.SSLSocketFactory.loadTrustManagers(SSLSocketFactory.java:226) at org.elasticsearch.hadoop.rest.commonshttp.SSLSocketFactory.createSSLContext(SSLSocketFactory.java:173) ... 41 more
I don't know what I am doing wrong.
Does anyone know how to solve this ?