Facing this issue, all my path and passwords are ok but not able to authenticate. Please some one help me.
Hi @Somdev_Das, Please do not post images of text; they are hard to read, can not be debugged or searched or reproduced, and we can not even see the entirety of the code.
Where did you
Here is a sample of my working code
!pip install elasticsearch
# Read in connection and auth info
# Note the port is REQUIRED for the elasticsearch endpoint!
import getpass, os
os.environ['es_url'] = getpass.getpass('Enter Elasticsearch Endpoint: ')
os.environ['es_user'] = getpass.getpass('Enter User: ')
os.environ['es_pwd'] = getpass.getpass('Enter Password: ')
# Connect and test connection
from elasticsearch import Elasticsearch
es_url = os.environ['es_url']
es_user = os.environ['es_user']
es_pwd = os.environ['es_pwd']
# Initialize the Elasticsearch client
es = Elasticsearch(
[es_url],
basic_auth=(es_user, es_pwd),
request_timeout=30
)
es.info().body
And from here
from elasticsearch import Elasticsearch
# Password for the 'elastic' user generated by Elasticsearch
ELASTIC_PASSWORD = "<password>"
# Create the client instance
client = Elasticsearch(
"https://localhost:9200",
ca_certs="/path/to/http_ca.crt",
basic_auth=("elastic", ELASTIC_PASSWORD)
)
# Successful response!
client.info()
Getting
SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1007)) caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1007))
this error after doing your first step
and getting
ElasticsearchWarning: The client is unable to verify that the server is Elasticsearch due security privileges on the server side
client.ping()
this after 2nd step
What permissions does your user have in Elasticsearch?
What is the role for this user?
Please share your whole connection code in text please
What OS are you running on?
If this is a newer windows box there may be additional steps for self signed certs.
How did you set up elasticsearch? Using what method?
Can you curl with same config?
curl -v -u elastic --cacert /path/to/ca.crt https://localhost:9200
I encountered an issue with the 'elastic' user and its system-generated password. To address this, I created my own user and granted it admin, superuser, network, and monitor rights. However, I am still facing the same problem, and my browser indicates that https://localhost:9200/ is unsecured.
from elasticsearch import Elasticsearch
# Password for the 'elastic' user generated by Elasticsearch
ELASTIC_PASSWORD = "*hR-5LqISxAvlerhYvc+"
# Create the client instance
client = Elasticsearch(
"https://localhost:9200",
ca_certs="/home/somdev/SentientGeeks/elastic/8.10.2/elasticsearch-8.10.2-linux-x86_64/elasticsearch-8.10.2/config/certs/http_ca.crt",
basic_auth=("elastic", ELASTIC_PASSWORD)
)
# Successful response!
client.ping()
Using ubuntu 22.04
I first downloaded both ES and Kibana, extracted them, and then used the bin/elasticsearch and bin/kibana commands in the terminal.
What is the result of the curl command I provided above?.
Please run it. Show me the command and the results
Hi @Somdev_Das
Again Please do not provide images of text. It's nearly impossible to read. It cannot debugged or searched.
The curl looks good.
Can you add this.
client.info()
What is the error you're getting now from your python.
from elasticsearch import Elasticsearch
# Password for the 'elastic' user generated by Elasticsearch
ELASTIC_PASSWORD = "bQv4p1L+cCK3BjzApxgA"
# Create the client instance
client = Elasticsearch(
"https://localhost:9200",
ca_certs="/home/somdev/SentientGeeks/elastic/8.10.2/elasticsearch-8.10.2-linux-x86_64/elasticsearch-8.10.2/config/certs/http_ca.crt",
basic_auth=("elastic", ELASTIC_PASSWORD)
)
# Successful response!
client.info()
/tmp/ipykernel_31816/1719526992.py:14: ElasticsearchWarning: The client is unable to verify that the server is Elasticsearch due security privileges on the server side
client.info()
---------------------------------------------------------------------------
AuthenticationException Traceback (most recent call last)
Cell In[1], line 14
7 client = Elasticsearch(
8 "https://localhost:9200",
9 ca_certs="/home/somdev/SentientGeeks/elastic/8.10.2/elasticsearch-8.10.2-linux-x86_64/elasticsearch-8.10.2/config/certs/http_ca.crt",
10 basic_auth=("elastic", ELASTIC_PASSWORD)
11 )
13 # Successful response!
---> 14 client.info()
File ~/.local/lib/python3.10/site-packages/elasticsearch/client/utils.py:347, in query_params.<locals>._wrapper.<locals>._wrapped(*args, **kwargs)
345 if p in kwargs:
346 params[p] = kwargs.pop(p)
--> 347 return func(*args, params=params, headers=headers, **kwargs)
File ~/.local/lib/python3.10/site-packages/elasticsearch/client/__init__.py:295, in Elasticsearch.info(self, params, headers)
286 @query_params(
287 response_mimetypes=["application/json"],
288 )
289 def info(self, params=None, headers=None):
290 """
291 Returns basic information about the cluster.
292
293 `<https://www.elastic.co/guide/en/elasticsearch/reference/7.17/index.html>`_
294 """
--> 295 return self.transport.perform_request(
296 "GET", "/", params=params, headers=headers
297 )
File ~/.local/lib/python3.10/site-packages/elasticsearch/transport.py:466, in Transport.perform_request(self, method, url, headers, params, body)
464 raise e
465 else:
--> 466 raise e
468 else:
469 # connection didn't fail, confirm it's live status
470 self.connection_pool.mark_live(connection)
File ~/.local/lib/python3.10/site-packages/elasticsearch/transport.py:427, in Transport.perform_request(self, method, url, headers, params, body)
424 connection = self.get_connection()
426 try:
--> 427 status, headers_response, data = connection.perform_request(
428 method,
429 url,
430 params,
431 body,
432 headers=headers,
433 ignore=ignore,
434 timeout=timeout,
435 )
437 # Lowercase all the header names for consistency in accessing them.
438 headers_response = {
439 header.lower(): value for header, value in headers_response.items()
440 }
File ~/.local/lib/python3.10/site-packages/elasticsearch/connection/http_urllib3.py:291, in Urllib3HttpConnection.perform_request(self, method, url, params, body, timeout, ignore, headers)
287 if not (200 <= response.status < 300) and response.status not in ignore:
288 self.log_request_fail(
289 method, full_url, url, orig_body, duration, response.status, raw_data
290 )
--> 291 self._raise_error(response.status, raw_data)
293 self.log_request_success(
294 method, full_url, url, orig_body, response.status, raw_data, duration
295 )
297 return response.status, response_headers, raw_data
File ~/.local/lib/python3.10/site-packages/elasticsearch/connection/base.py:328, in Connection._raise_error(self, status_code, raw_data)
325 except (ValueError, TypeError) as err:
326 logger.warning("Undecodable raw error response from server: %s", err)
--> 328 raise HTTP_EXCEPTIONS.get(status_code, TransportError)(
329 status_code, error_message, additional_info
330 )
AuthenticationException: AuthenticationException(401, 'security_exception', 'missing authentication credentials for REST request [/]')
401 = Bad username + password... not sure what the issue is
missing authentication credentials for REST request [/]
This means that either:
- your username + password didn't get sent to the server, or
- the server is configured not to accept username + password as an authentication mechanism.
Since your curl
command worked, we can assume that it's not (2), but I cannot understand how that code would fail to send the the basic authentication header. Never-the-less, that definitely looks like what is going on here.
What is the python environment that you're using (it looks like an interactive workbook of some sort)? Is it possible that this environment is stripping out your credentials?
Currently, I'm utilizing Jupyter Notebook on Ubuntu 22.04.3 LTS with Python version 3.10.12. Additionally, I'd like to mention that when I use version 7.9.2, which doesn't require a username and password, it operates efficiently.
It seems that Jupyter is doing something to strip basic authentication headers from your outgoing HTTP request.
I don't know enough about Jupyter to know how to resolve that, but I don't think the problem is with your cluster or your python script.
Do you know which version of the Elasticsearch python library are you using?
Try to change basic_auth
to http_auth
and see if it works.
According to this post, if you are using the version 7 of the library, the parameter basic_auth
does not exists, you need to use http_auth
.
The code I showed above was from a Jupyter notebook I use with Google collab
Here is the git repo....
This runs in Google Collab and connects 8.x elasticsearch clusters
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.