Is it possible to disable the server from checking the clients?
Even when I have this set:
When I try to import anything using a script I get this:
at java.lang.Thread.run(Thread.java:1623) ~[?:?]
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
I can browse to the ES server on 9200 fine from the client.
If you see this error message in the server log, it means your client did not trust the server certificate. Therefore
xpack.security.http.ssl.client_authentication is irrelevant, you need to adjust your client configuration.
Btw, since the shared error message is very brief, I am assuming it was indeed related to Elasticsearch's HTTP interface.
Yes it was just when trying to import data.
It's strange because HTTP does look to be working ok when in a browser using https but then the client doesn't trust it for some reason?
It's often the case with self signed certificates.
It should fail as well unless you pass the -k option.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.