无法使用Java API和shield连接到ElasticSearch服务器
误差
1342 [main] DEBUG org.elasticsearch.shield.transport.netty - [Benjamin Jacob Grimm] connected to node [{#transport#-1}{HOST_IP}{HOST/HOST_IP:9300}]
1431 [elasticsearch[Benjamin Jacob Grimm][generic][T#1]] DEBUG org.elasticsearch.shield.transport.netty - [Benjamin Jacob Grimm] disconnecting from [{#transport#-1}{HOST_IP}{HOST/HOST_IP:9300}], channel closed event
1463 [main] INFO org.elasticsearch.client.transport - [Benjamin Jacob Grimm] failed to get node info for {#transport#-1}{HOST_IP}{HOST/HOST_IP:9300}, disconnecting...
NodeDisconnectedException[[][HOST/HOST_IP:9300][cluster:monitor/nodes/liveness] disconnected]
...9200/_nodes
"cluster_name": "elasticsearch",
"nodes": {
"UYdZbCQKQZavtFYOoUpawg": {
"name": "Desmond Pitt",
"transport_address": "HOST_IP:9300",
"host": "HOST_IP",
"ip": "HOST_IP",
"version": "2.3.3",
"build": "218bdf1",
"http_address": "HOST_IP:9200",
"settings": {
"pidfile": "/var/run/elasticsearch/elasticsearch.pid",
"cluster": {
"name": "elasticsearch"
},
"path": {
"conf": "/etc/elasticsearch",
"data": "/var/lib/elasticsearch",
"logs": "/var/log/elasticsearch",
"home": "/usr/share/elasticsearch"
},
"shield": {
"http": {
"ssl": "true"
},
"https": {
"ssl": "true"
},
"transport": {
"ssl": "true"
}
},
"name": "Desmond Pitt",
"client": {
"type": "node"
},
"http": {
"cors": {
"allow-origin": "*",
"allow-headers": "Authorization, Origin, X-Requested-With, Content-Type, Accept",
"allow-credentials": "true",
"allow-methods": "OPTIONS, HEAD, GET, POST, PUT, DELETE",
"enabled": "true"
}
},
"index": {
"queries": {
"cache": {
"type": "opt_out_cache"
}
}
},
"foreground": "false",
"config": {
"ignore_system_properties": "true"
},
"network": {
"host": "HOST_IP",
"bind_host": "0.0.0.0",
"publish_host": "HOST_IP"
}
}
Java代码:
TransportClient client = TransportClient.builder()
.addPlugin(ShieldPlugin.class)
.settings(Settings.builder()
.put("cluster.name", ClusterName)
.put("shield.user", "USER:PASSWORD")
.build())
.build()
.addTransportAddress(new InetSocketTransportAddress(InetAddress.getByName(HOST), 9300));
C:\Program Files\Java\jdk1.8.0_92
"version": "1.8.0_91",
"vm_name": "OpenJDK 64-Bit Server VM",
更新:
我在ElasticSearch.yml中所做的更改
shield.ssl.keystore.path: /usr/share/elasticsearch/bin/shield/elastic.jks
shield.ssl.keystore.password: password
shield.ssl.keystore.key_password: password
shield.transport.ssl: true
shield.http.ssl: true
shield.https.ssl: true
network.host: HOST_IP
network.publish_host: HOST_IP
shield.ssl.hostname_verification.resolve_name: false
https://host:9200/_cluster/health?pretty=true的结果
{
"cluster_name": "elasticsearch",
"status": "yellow",
"timed_out": false,
"number_of_nodes": 1,
"number_of_data_nodes": 1,
"active_primary_shards": 5,
"active_shards": 5,
"relocating_shards": 0,
"initializing_shards": 0,
"unassigned_shards": 5,
"delayed_unassigned_shards": 0,
"number_of_pending_tasks": 0,
"number_of_in_flight_fetch": 0,
"task_max_waiting_in_queue_millis": 0,
"active_shards_percent_as_number": 50
}
2082 [elasticsearch[Steel Serpent][transport_client_worker][T#1]{New I/O worker #1}] DEBUG org.elasticsearch.shield.transport.netty - [Steel Serpent] SSL/TLS handshake failed, closing channel: null
java.nio.channels.ClosedChannelException
at org.jboss.netty.handler.ssl.SslHandler.channelDisconnected(SslHandler.java:575)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:102)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireChannelDisconnected(Channels.java:396)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.close(AbstractNioWorker.java:360)
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:93)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
共有1个答案
正如我所看到的,您启用了SSL加密。但是您的java代码没有激活SSL。根据官方文档,您应该使用如下代码:
TransportClient client = TransportClient.builder()
.addPlugin(ShieldPlugin.class)
.settings(Settings.builder()
.put("cluster.name", "myClusterName")
.put("shield.user", "transport_client_user:changeme")
.put("shield.ssl.keystore.path", "/path/to/client.jks") (1)
.put("shield.ssl.keystore.password", "password")
.put("shield.transport.ssl", "true")
...
.build())
此外,我将测试我的代码没有任何加密,并添加一些新的功能(例如SSL),以配置和代码一步一步。
UPD:老实说,远程修复ssl问题将是棘手的。当客户端发送无效的SSL证书时,通常会出现此错误。可能需要禁用客户端auth
-
null ...9200/_cluster/nodes ...9200/_cluster/health?pretty=true Java代码: Java版本: 问题已按以下方式解决。确保您的客户端和服务器版本是同步的!
-
我的elasticsearch服务器运行时有索引,比如说服务器XX。XXX。XXX。XXX:9200。 我在服务器ES集群XX中有索引。XXX。XXX。XXX:9200,我正试图在本地主机5601(Kibana)中为其创建仪表盘 在我的kibana.yml我有这样的配置: 在弹性搜索中。yml我有这个配置: 但我在运行kibana时遇到了这个错误。yml: 连接ECONNREFUSED超文本传输协
-
这是mysql连接php脚本。它不断地显示出它的错误 警告:mysqli_connect():(HY000/1045):用户'user'@'localhost'(使用密码:YES)在第6行的C:\xampp\htdocs\index.php访问被拒绝 注意:尝试在第7行连接成功的C:\xampp\htdocs\index.php中获取非对象的属性 我听不懂,请帮帮我好吗?
-
首先,我知道有很多类似的问题,但我所看到的似乎都不能解决我的设置(我发现的任何解决方案都不管用)。所以请容忍我。。。 我的服务器主机名是IP地址,而不是域名(即URL看起来像:) 我的服务器有一个真正的证书(即,没有自签名) 我的应用程序的plist条目字典为空(没有任何例外-出厂设置ATS) 这是生产代码,我不能禁用ATS(我也不认为我可以,因为例外只适用于显式域名,而不是IP地址) (iOS9
-
问题内容: 我正在尝试使用smack 4.1.0运行此代码 这给我一个错误: 并且,在本地openfire服务器中启用调试后,我收到以下消息: 我要去哪里错了? 问题答案: 根据与用户问题的讨论,AS位于XMPPTCPConnectionConfiguration中。默认情况下,Openfire中的端口5223是客户端SSL端口, 服务器>>服务器设置>>客户端连接 错误 org.jivesoft
-
我在设置打开班次时遇到问题,并在连接到我的服务器域后收到以下错误: 我不确定这是在告诉我做什么。我尝试按字面意思使用指令,但它无法识别命令。 有什么想法吗?