Node.js Application Fail to Connect Elasticsearch

I have very simple Node.js Application to connect my local Elasticsearch engine, when I try to use Kibana, I can connect after provide user and email but when I try to send ping from my Node.js app It gives following error:

ConnectionError: self-signed certificate in certificate chain

My code:

I don't understand the error message and I want this connection secure, I think I need to add certificate but I'm not sure how to do that

Hi @Burak_Karatay,

Welcome to the community! For future issues just a heads up that it's easier to read code as code text snippets rather than an image.

You're correct that the error relates to a certificate issue. There is an example of how to configure the certificate for the client in this stackowerflow issue. Let us know if that solves the issue.

Hope that helps!

Hi @carly.richmond ,
Thank you so much for your answer.
I saw this article but I don't know how to obtain elasticsearch_certificate

ca: process.env.elasticsearch_certificate
const client = new elasticsearch.Client({
  node: process.env.elasticsearch_node,
  auth: {
    username: "elastic",
    password: process.env.elasticsearch_password || "changeme",
  },
  ssl: {
    ca: process.env.elasticsearch_certificate,
    rejectUnauthorized: false,
  },
});

Hi @Burak_Karatay,

So you would need to specify the path to your certificate or the generated fingerprint when you start. There is more detail, and an example using tls here in the documentation that might help.

Hi @carly.richmond ,

It worked with http_ca.crt file thank you so much but now I want to connect with CA Fingerprint and to retrieve finger print I do this:

openssl x509 -in http_ca.crt -noout -fingerprint

And I get a fingerprint, but the problem is when I try to connect with the given fingerprint like this:

import { Client } from "@elastic/elasticsearch";

const esClient = new Client({node: 'https://localhost:9200', auth: {username: 'elastic', password: 'password'}, 
caFingerprint: "fingerprint here",

tls: {rejectUnauthorized: false}})

I got this error:

ConnectionError: Server certificate CA fingerprint does not match the value configured in caFingerprint

Hello @carly.richmond I need your help about another issue

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.