设置verify_certs=False,但elasticsearch,由于证书验证失败,Elasticsearch抛出SSL错误

bkhjykvo  于 2022-11-02  发布在  ElasticSearch
关注(0)|答案(2)|浏览(140)

self.host代理服务器
自身端口=“443”
self.用户=“测试”
自我密码=“test”
我需要抑制证书验证。当在命令行中使用-k选项时,它可以与curl一起工作。但是当从Elasticsearch python模块中使用elasticsearch.Elasticsearch连接时,它抛出错误。
_es2 = Elasticsearch([self.host], port=self.port, scheme="https", http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
_es2.info()
错误:

raise SSLError('N/A', str(e), e)
elasticsearch.exceptions.SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED] 
certificate verify failed (_ssl.c:590)) caused by: SSLError([SSL: 
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590))```
nxowjjhe

nxowjjhe1#

找到了。在阅读这篇文章https://github.com/elastic/elasticsearch-py/issues/275的时候,我开始了解connection_class。寻找一些标准的或预定义的方法,所以找到了https://elasticsearch-py.readthedocs.io/en/master/transports.html
解决方法:
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
.....
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
print(es.ping())
$ ./sn.py
正确

yvgpqqbh

yvgpqqbh2#

除了Sonali的回答,截至2022年9月,Python Elasticsearch客户端不允许函数参数use_ssl=True
仅添加verify_certs=False参数修复了我的案例:

Elasticsearch(hosts=[address], basic_auth=[user, password], verify_certs=False)

es.ping()并不让您知道错误是什么,只是返回False

print(es.info())

TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)))

相关问题