Hi,
I am using SG 7.0.1. In Elasticsearch I have enabled clientcert_auth_domain. I am able to connect to Elasticserach via curl using my client certificates.
And in curator also I have configured client certificate authentication. But curator is not able to connect to Elasticsearch.
I have attached the debug logs of curator. curator_debug_logs.txt (11.1 KB)
I have tried running curator with both ssl_no_validate as true and false. But in both case error is same and curator is unable to connect to Elasticsearch.
Please let me know what configurations I am missing here.
What version of elastic/curator do you use?
You have the following error in the curator log:
2020-04-29 05:00:07,151 ERROR curator.utils get_client:915 HTTP N/A error: HTTPSConnectionPool(host='elasticsearch.prashant', port=9200): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:2508)')))
The certificate you use was not signed by CA. Thus the minimal required config:
curator.yml
client:
ssl_no_validate: False
Value of the ssl_no_validate option should be in the upper case.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.