Rest Client - Encrypted Communication


(aditya tripathi) #1

This page: https://www.elastic.co/guide/en/elasticsearch/client/java-rest/current/_encrypted_communication.html
hints at establishing encrypted communication by Rest Client with ES Cluster.

I was trying something around the given code in that page - using a SSLContext with KeyStoreManager and TrustManager. However I did not see any encrypted communication happening.

ES Cluster is running on Shield and basic HTTP authentication from HTTP client is working fine.

If I am hitting http port of ES Cluster, is it possible to get encrypted communication to ES Cluster with a HTTP/REST Client? Preferably using X509 certificates.

I could only find two ports - http and transport which are published by ES Cluster. The requirement is to use HTTP Client and establish secure communication with ES Cluster running on Shield. I understand we can wrap ES inside tomcat/nginx etc, Or use transport client with Shield enabled. But that is not the direction I am looking forward to currently.


(Christian Dahlqvist) #2

You will need to enable SSL on the cluster, which will enable SSL on port 9200. Have you gone through the documentation describing how to do this?


(aditya tripathi) #3

Hi Christian,
Thanks a lot for your answer. I had the ES cluster running on shield and had followed steps from Shield documentation. The problem lied somewhere else (I had not imported certificates of all nodes).

I could communicate over https using REST client 5.1 with Shield enbled ES Cluster (2.3.3).

Thanks.


(system) #4

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.