Forwarding event to Elasticsearch :http-options is not working
Closed this issue · 5 comments
(elasticsearch {:es-endpoint "https://secured.com:9200" :es-index "riemann" :index-suffix "-yyyy.MM" :type "_doc" :http-options{:trust-store "ca.jk" :trust-store-pass "password "} })
Following option does not work. is there something I am doing wrong
example
I just try to follow: this link with example
I am getting exception :
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
These types of issues are difficult to diagnose because there are many factors outside of clj-http
that could be contributing to the issue.
Before diagnosing into clj-http
, have you confirmed that:
- the server is configured correctly
- and that then trust-store and trust-store-password works outside of
clj-http
.
Yes I have configure it correctly and I have tested the trust-store with another java client it worked fine.
I believe Problem exist on :http-options{ } option, which is I agree hard to trace.
@bshah0408 Could you also try setting :key-store
and :key-store-pass
to the same values as :trust-store
and :trust-store-pass
?
Like this:
(elasticsearch {:es-endpoint "https://secured.com:9200"
:es-index "riemann"
:index-suffix "-yyyy.MM"
:type "_doc"
:http-options {:trust-store "ca.jk"
:trust-store-pass "password "
:key-store "ca.jk"
:key-store-pass "password "} })
Thank you very much, using two option of trust-store and key-store with same path does seem to be working now.
For meanwhile I have found solution as well the other way around,
adding trust-store path to /etc/sysconfig/riemann file
Optional JAVA_OPTS
EXTRA_JAVA_OPTS=-Djavax.net.ssl.trustStore="/path to your .jk or trust-store file"
Awesome! Glad that worked.