Am 19.05.2017 um 18:41 schrieb email@example.com:
On Friday, May 12, 2017 at 5:19:30 PM UTC-4, pixelrebel wrote:
I'm actually having a heck of a time trying to get the elasticsearch python module to work on a search-guarded cluster. I've tried both python2 and python3 without luck.
I can't get either http basic auth, nor peer certs to work. I can get both methods to work with curl and logstash, but not with the python module. I've tried the above suggested methods, but nothing seems to work. Is there a working example I can use?
username_attribute: cn #optional, if omitted DN becomes username
On Monday, May 8, 2017 at 4:58:41 PM UTC-7, pixelrebel wrote:
Is there a workaround for users who are required to use python2?
On Wednesday, February 22, 2017 at 7:36:05 AM UTC-8, Search Guard wrote:
this is know to work: https://gist.github.com/floragunncom/9319a994ae09df64b2a173128f745ed2
Python (especially python 2) is a piece of .... regarding SSL/TLS support.
So we recommend python 3 and these packages:
pip3 install cryptography
pip3 install pyopenssl ndg-httpsclient pyasn1
Then do a "urllib3.contrib.pyopenssl.inject_into_urllib3()" and it works like magic
> Am 21.02.2017 um 23:27 schrieb Robert Chen <robert...@gmail.com>:
> test.py is like below, when I run it, it is always ConnectionError. curl is ok. (all keys are generated with example.sh, ELK and searchguard is 5.1 version)
> from elasticsearch import Elasticsearch, RequestsHttpConnection
> import ssl
> # SSL client authentication using client_cert and client_key
> es = Elasticsearch(
> http_auth=('admin', 'admin'),
> [root@ip-10-8-8-246 example-pki-scripts]# python test.py
> Traceback (most recent call last):
> File "test.py", line 21, in <module>
> File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/utils.py", line 73, in _wrapped
> return func(*args, params=params, **kwargs)
> File "/usr/local/lib/python2.7/site-packages/elasticsearch/client/__init__.py", line 222, in info
> return self.transport.perform_request('GET', '/', params=params)
> File "/usr/local/lib/python2.7/site-packages/elasticsearch/transport.py", line 318, in perform_request
> status, headers, data = connection.perform_request(method, url, params, body, ignore=ignore, timeout=timeout)
> File "/usr/local/lib/python2.7/site-packages/elasticsearch/connection/http_urllib3.py", line 123, in perform_request
> raise ConnectionError('N/A', str(e), e)
> elasticsearch.exceptions.ConnectionError: ConnectionError(('Connection failed.', CannotSendRequest())) caused by: ConnectionError(('Connection failed.', CannotSendRequest()))
> [root@ip-10-8-8-246 example-pki-scripts]# curl --insecure -E ./kirk-signed.pem --key ./kirk.key.pem https://10.8.8.246:9200/_cat/indices?v
> health status index uuid pri rep docs.count docs.deleted store.size pri.store.size
> green open mycompany-apache-2017.01.15 egQUvOtnT_O8jiEuz06Luw 5 1 4 0 80.4kb 40.2kb
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/98601f16-827c-4377-96e5-f599c696fd86%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firstname.lastname@example.org.
To post to this group, send email to email@example.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/32614206-9dbe-4b13-b3b4-a43c14ec7aa9%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.