Issue in Elasticsearch client certificate authentication with curator

I am using SG 7.0.1. In Elasticsearch I have enabled clientcert_auth_domain. I am able to connect to Elasticserach via curl using my client certificates.
And in curator also I have configured client certificate authentication. But curator is not able to connect to Elasticsearch.
I have attached the debug logs of curator. curator_debug_logs.txt (11.1 KB)
I have tried running curator with both ssl_no_validate as true and false. But in both case error is same and curator is unable to connect to Elasticsearch.
Please let me know what configurations I am missing here.

What version of elastic/curator do you use?

You have the following error in the curator log:

2020-04-29 05:00:07,151 ERROR              curator.utils             get_client:915  HTTP N/A error: HTTPSConnectionPool(host='elasticsearch.prashant', port=9200): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:2508)')))

The certificate you use was not signed by CA. Thus the minimal required config:

  ssl_no_validate: False

Value of the ssl_no_validate option should be in the upper case.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.