Cannot use self signed certs in Elasticsearch with Nextcloud / fulltextsearch_elasticsearch
grey-golem opened this issue · 3 comments
I have created a three node Elasticsearch 8 cluster on Debian 12 and created an index for Nextcloud.
The Elasticsearch cluster is using the self signed certs it generated when setting up basic security.
I can GET information from the cluster using curl. For example
curl -kX GET "https://elastic:PASSWORD-HERE@els-cluster:9200"
returns the information below with no error or prompt.
{
"name" : "els01",
"cluster_name" : "els-cluster",
"cluster_uuid" : "PZ0ht_AZSea4VXwGvmM2mQ",
"version" : {
"number" : "8.8.1",
"build_flavor" : "default",
"build_type" : "deb",
"build_hash" : "f8edfccba429b6477927a7c1ce1bc6729521305e",
"build_date" : "2023-06-05T21:32:25.188464208Z",
"build_snapshot" : false,
"lucene_version" : "9.6.0",
"minimum_wire_compatibility_version" : "7.17.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "You Know, for Search"
}
When I attempt to kick off the initial indexing from Nextcloud I get the following error.
cURL error 60: SSL certificate problem: self signed certificate in certificate chain (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://els-cluster:92
00/
Is it possible to add an insecure parameter (like -k for curl) to the credentials for Nextcloud?
https://elastic:PASSWORD-HERE@els-cluster:9200
Or is this not possible? I want to prove this works before spending any more time on it.
Same Issue
This works:
INSERT INTO 'oc_appconfig' ('appid', 'configkey', 'configvalue') VALUES ('fulltextsearch_elasticsearch', 'allow_self_signed_cert', 'true');