You are viewing a plain text version of this content. The canonical link for it is here.
Posted to github@beam.apache.org by GitBox <gi...@apache.org> on 2022/06/04 18:03:37 UTC
[GitHub] [beam] damccorm opened a new issue, #20525: SSL authentication key set to trustMaterial instead of keyMaterial
damccorm opened a new issue, #20525:
URL: https://github.com/apache/beam/issues/20525
If I set
ElasticsearchIO.ConnectionConfiguration#withKeystorePath
the keystore is set to trustMaterial which I think is wrong, because this keystore is suppose to be truststore for certificates.
So if I use keyStoreKey instead of username and pass:
```
ElasticsearchIO.write()
.withConnectionConfiguration(
ElasticsearchIO.ConnectionConfiguration
.create(config.addresses().toArray(new String[0]), config.index(), config.type())
.withKeystorePath(config.keystorePath())
.withKeystorePassword("somepassword")
.withTrustSelfSignedCerts(true));
```
I cannot authenticate.
I got
```
Caused by: javax.net.ssl.SSLException: Received fatal alert: bad_certificate
```
because the authetication key is set to trustMaterial instead of keyMaterial
```
SSLContexts.custom().loadTrustMaterial(keyStore, trustStrategy).build();
```
via [code](https://github.com/apache/beam/blob/release-2.19.0/sdks/java/io/elasticsearch/src/main/java/org/apache/beam/sdk/io/elasticsearch/ElasticsearchIO.java#L439)
I am working on fix
Imported from Jira [BEAM-10723](https://issues.apache.org/jira/browse/BEAM-10723). Original Jira may contain additional context.
Reported by: marek.simunek.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: github-unsubscribe@beam.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org