Hi,
I would like to validate the requests via client certificate. Following the documentation, I understood that I need to specify the “http_authenticator.type” as “clientcert”. There it is mentioned to click on TLS Client Certification for further details. However I could see, it is redirecting to HTTP Basic Authentication page.
Please provide the configuration details I need to follow in order to validate the client certificates.
(order matters if you like to combine it with other authenticators)
···
Am 26.02.2017 um 04:28 schrieb Abhinay Thurlapati <abhinaythurlapati@gmail.com>:
Hi,
I would like to validate the requests via client certificate. Following the documentation, I understood that I need to specify the "http_authenticator.type" as "clientcert". There it is mentioned to click on TLS Client Certification for further details. However I could see, it is redirecting to HTTP Basic Authentication page.
Please provide the configuration details I need to follow in order to validate the client certificates.
I followed this approach. I am trying to connect to elastic search using python requests module. I am sending clients signed certificate and the corresponding key generated using example scripts provided by the elastic search.
However, iam receiving the response “Authentication finally failed”. Going through the source code, I think it’s not matching with any of authentication mechanism.
How do I fix this issue. Also I would like define roles for the client certificate. In that case, in internal users yaml file, what could be the password of the hash.
I would like to validate the requests via client certificate. Following the documentation, I understood that I need to specify the “http_authenticator.type” as “clientcert”. There it is mentioned to click on TLS Client Certification for further details. However I could see, it is redirecting to HTTP Basic Authentication page.
Please provide the configuration details I need to follow in order to validate the client certificates.
Thanks
Abhinay.
–
You received this message because you are subscribed to the Google Groups “Search Guard” group.
I ran into the same problem. Not sure if my findings will help you since I am struggling at an other point right now.
When trying to setup es with searchguard all from scratch without using bundle and example scripts, I stumbled over something interesting in elasticsearch.yml.example
This is optional
Only needed when impersonation is used
Allow DNs (distinguished names) to impersonate as other users
On first glance I was no able to find any lines like the above in the yml files provided with the bundles I used.
best,
Meike
···
On Sunday, February 26, 2017 at 4:28:04 AM UTC+1, Abhinay Thurlapati wrote:
Hi,
I would like to validate the requests via client certificate. Following the documentation, I understood that I need to specify the “http_authenticator.type” as “clientcert”. There it is mentioned to click on TLS Client Certification for further details. However I could see, it is redirecting to HTTP Basic Authentication page.
Please provide the configuration details I need to follow in order to validate the client certificates.