I have trouble using SSL keystore or truststore to connect to Elasticsearch client using DBeaver. This is an elastic stack on k8s installation on my local machine. I followed the official tutorial to set up a connection using DBeaver, but I have trouble figuring out how to make SSL validation work.
I logged into the elasticsearch pod, downloaded the cert and key at
/usr/share/elasticsearch/config/http-certs/tls.key. I combined them into a p12 format using this command:
openssl pkcs12 -export -in combined.pem -out cert.p12
http: ssl: certificate: /usr/share/elasticsearch/config/http-certs/tls.crt certificate_authorities: /usr/share/elasticsearch/config/http-certs/ca.crt enabled: true key: /usr/share/elasticsearch/config/http-certs/tls.key transport: ssl: certificate: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.crt certificate_authorities: - /usr/share/elasticsearch/config/transport-certs/ca.crt - /usr/share/elasticsearch/config/transport-remote-certs/ca.crt enabled: "true" key: /usr/share/elasticsearch/config/node-transport-cert/transport.tls.key verification_mode: certificate
However, I'm getting this invalid cert error:
These are the driver parameters:
What certs do I need in order to pass the cert check? I wish there was an insecure flag to ignore the validation since it runs in localhost.