Python SSL Error

adwaitjoshi · July 8, 2019, 6:55pm

I am trying to use the following code

import elasticsearch

es = elasticsearch.Elasticsearch(es_protocol+'://'+es_host+':'+es_port,http_auth=(_user,_pass),verify_certs=None)

es.indices.create(index=index_name, ignore=400)

return 1;

However I get an error

Error: 0: pyembed: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)) caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618))

Its a self signed certificate hence the verify_certs is set to none. Any ideas what might be the issue?

TimV · July 9, 2019, 9:08am

You need to set verify_certs to False if you want to disable verification.

adwaitjoshi · July 9, 2019, 2:57pm

I have tried that as well. Still the same error!

adwaitjoshi · July 9, 2019, 3:06pm

My latest combo is

es = elasticsearch.Elasticsearch([es_host+':'+es_port],http_auth=(_user,_pass),use_ssl=True,verify_certs=False,ssl_show_warn=False)

adwaitjoshi · July 11, 2019, 7:33pm

Anyone?

adwaitjoshi · July 13, 2019, 7:58pm

Bump

adwaitjoshi · July 13, 2019, 9:12pm

For the sake of everyone verify_certs is deprecated, I got this to work using this link https://github.com/elastic/elasticsearch-py/issues/712

dvisz-inf · July 14, 2019, 6:04pm

@adwaitjoshi it would be good practice to set up a CA, or simply get a free SSL certificate from a widely supported CA if you own a domain name.

adwaitjoshi · July 14, 2019, 6:16pm

All of our machines are off the internet and communicate over private IPs.

dvisz-inf · July 16, 2019, 7:25pm

@adwaitjoshi it sounds like you're saying you don't need authentication. If that is really the case, then why do you need encryption?

adwaitjoshi · July 16, 2019, 7:36pm

I did not say I dont need authentication. What I said was a "self signed certificate" serves our purpose because our IPs are private and machines are private.

EZprogramming · July 16, 2019, 9:09pm

You can use this piece of code to connect to your index via your python code.

es =  Elasticsearch([myHost], http_auth=(username, password))
if not es.indices.exists(index=myIndex):
	es.indices.create(index=myIndex, body=myIndexMap)
res = es.index(index=myIndex,doc_type='_doc', body=dictionary)

dvisz-inf · July 17, 2019, 12:38am

My mistake. I tend to regard self-signed certificate as being as good as no authentication, but that isn't actually true!

system · August 14, 2019, 12:38am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.