Self-signed certificate support

Question

Self-signed certificate support

kryvel opened this issue 7 months ago · 0 comments

Hello,

I would like to submit a feature request related to our use of certificates for internal services. We utilize certificates issued by our internal, self-signed CA. Specifically, our Elasticsearch API use one of these certificates for the nodes within the cluster.

My request is to enable the capability of passing a certificate chain to the Yente client when it connects to Elasticsearch. I believe this enhancement should not be overly complex to implement. I am willing to contribute by preparing a patch myself. However, if someone could guide me on where to start, it would greatly expedite the process by reducing the time spent analyzing the client's workflow.

Additionally, some logs related to a failed connection

Cannot connect to ElasticSearch: 
TlsError("Cannot connect to host node1:9200 ssl:True 
[SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]", 
errors=(TlsError("Cannot connect to host node1:9200 ssl:True [SSLCertVerificationError: (1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1006)')]"