X-Pack tranport client exception for es6.6

Hello
PreBuiltXPackTransportClient configuration are as follow,

if (client == null) {
builder.put("client.transport.sniff", true)
.put("cluster.name","DS_Project_v2")
.put("xpack.security.user","elastic:321++nsw")
.put("xpack.security.transport.ssl.enabled", "true")
.put("xpack.security.transport.ssl.verification_mode", "certificate")
.put("xpack.security.transport.ssl.keystore.path", "E:\workspace\Work\spring-cloud\elasticsearch-data-transport\src\main\resources\static\certs\elastic-stack-ca.p12")
.put("xpack.security.transport.ssl.truststore.path", "E:\workspace\Work\spring-cloud\elasticsearch-data-transport\src\main\resources\static\certs\elastic-stack-ca.p12");
PreBuiltXPackTransportClient xPackTransportClient = new PreBuiltXPackTransportClient(builder.build());
try {
xPackTransportClient.addTransportAddress(new TransportAddress(InetAddress.getByName(host), port));
} catch (UnknownHostException e) {
e.printStackTrace();
}
client = xPackTransportClient;
}

but once I run this program allways cause this exception:

java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2059) ~[na:1.8.0_202]
at java.security.KeyStore.load(KeyStore.java:1445) ~[na:1.8.0_202]
at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:89) ~[x-pack-core-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:58) ~[x-pack-core-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:364) ~[x-pack-core-6.6.0.jar:6.6.0]
at java.util.HashMap.computeIfAbsent(HashMap.java:1127) ~[na:1.8.0_202]
at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:421) ~[x-pack-core-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.core.ssl.SSLService.(SSLService.java:96) ~[x-pack-core-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.core.XPackClientPlugin.getTransports(XPackClientPlugin.java:474) ~[x-pack-core-6.6.0.jar:6.6.0]
at org.elasticsearch.common.network.NetworkModule.(NetworkModule.java:130) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.client.transport.TransportClient.buildTemplate(TransportClient.java:190) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.client.transport.TransportClient.(TransportClient.java:288) ~[elasticsearch-6.6.0.jar:6.6.0]
at org.elasticsearch.transport.client.PreBuiltTransportClient.(PreBuiltTransportClient.java:128) ~[transport-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.client.PreBuiltXPackTransportClient.(PreBuiltXPackTransportClient.java:47) ~[x-pack-transport-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.client.PreBuiltXPackTransportClient.(PreBuiltXPackTransportClient.java:42) ~[x-pack-transport-6.6.0.jar:6.6.0]
at org.elasticsearch.xpack.client.PreBuiltXPackTransportClient.(PreBuiltXPackTransportClient.java:38) ~[x-pack-transport-6.6.0.jar:6.6.0]
at com.wsn.springcloud.elasticsearch.dao.ElasticDao.(ElasticDao.java:36) ~[classes/:na]
at com.wsn.springcloud.elasticsearch.controller.TestController.query(TestController.java:44) ~[classes/:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_202]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_202]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_202]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_202]
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189) ~[spring-web-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138) ~[spring-web-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:897) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) ~[tomcat-embed-core-9.0.14.jar:9.0.14]
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882) ~[spring-webmvc-5.1.4.RELEASE.jar:5.1.4.RELEASE]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) ~[tomcat-embed-core-9.0.14.jar:9.0.14]
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) ~[tomcat-embed-core-9.0.14.jar:9.0.14]
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-embed-core-9.0.14.jar:9.0.14]

Is there anyway to solve this exception?

Thanks

Hi there, it looks like your elastic-stack-ca.p12 is password protected. You need to set the password by adding the two following settings in your client config:

xpack.security.transport.ssl.keystore.password:
xpack.security.transport.ssl.truststore.password: 

See: https://www.elastic.co/guide/en/elasticsearch/reference/current/security-settings.html#_java_keystore_files_4 also for more details

1 Like

Hello ikakavas
It's helpful to me, It solved my problem, Thanks

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.