@spinscale ,Thank you for your replay.
but really I don't know is how can I generate CA,or the CA means elastic-stack-ca.p12?
can you please show me a sample or some blogs.
thanks again.
I assume that somehow you generated those certificates? Or did you get that from a third party? Regardless you have to add those to the programs you execute in order to prevent those warning messages (be it curl or the java client).
Did you follow the documentation or how were those created?
@spinscale I am very happy to tell that I have resolved this problem. The "CA" you have mentioned" is elastic-certificates.p12 that I already generated. My java client is as below.
hope this can help someone who need.
public static boolean auth(String index) throws Exception {
CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "123456"));
KeyStore truststore = KeyStore.getInstance("jks");
try (InputStream is = new FileInputStream("./src/main/resources/elastic-certificates.p12")) {
truststore.load(is, "123456".toCharArray());
}
SSLContextBuilder sslBuilder = SSLContexts.custom().loadTrustMaterial(truststore, null);
final SSLContext sslContext = sslBuilder.build();
RestClientBuilder builder = RestClient.builder(new HttpHost("MY_IP", 9200, "https"))
.setHttpClientConfigCallback(new RestClientBuilder.HttpClientConfigCallback() {
@Override
public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) {
return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider)
.setSSLContext(sslContext).setSSLHostnameVerifier(NoopHostnameVerifier.INSTANCE);
}
});
client = new RestHighLevelClient(builder);
GetIndexRequest req = new GetIndexRequest(index);
return client.indices().exists(req, RequestOptions.DEFAULT);
}
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.