SSL Errors with HTTPoison
Closed this issue · 5 comments
I'm getting the follwing error:
$ Elasticsearch.get("/_cat/health")
13:51:37.261 [info] ['TLS', 32, 'client', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'certify', 32, 'at ssl_handshake.erl:1624 generated CLIENT ALERT: Fatal - Unknown CA', 10]
{:error, %HTTPoison.Error{id: nil, reason: {:tls_alert, 'unknown ca'}}}
When I run the following query, it runs successfully. Ref
$ HTTPoison.get("https://servername:9200/_cat/health", [], [ ssl: [{:versions, [:'tlsv1.2']}] ])
Can we set some Env var
or set some config value
to solve this issue ?
I tried the following in config.exs
file with no good result.
config :ssl, protocol_version: :"tlsv1.2"
@collegeimprovements What version of Elasticsearch are you running?
We are on Elasticsearch-5.5
.
This error occurs when the certificate authority for the target url is unknown to Hackney. Is it a self-signed certificate?
See these other GitHub issues for reference:
edgurgel/httpoison#62
edgurgel/httpoison#119
edgurgel/httpoison#294
Yes. It seems like we have self signed certificates. Is there any workaround for this issue ?
[ e.g. we are able to hit HTTPoison
queries with the above mentioned ssl option
. ]
Or there is no simple workaround apart from asking people who host ElasticSearch to provide certificate files!?
We should add an hackney_options
configuration setting to Elasticsearch
. This would allow you to pass the ssl: [{:versions, [:'tlsv1.2']}]
settings that are working for you.