in my current project i'm struck with the elastic search SSL cert verification, is there any way to disable that configuration ?
solution for that question
Asked
Active
Viewed 563 times
1 Answers
0
Spring Data Elasticsearch doe not use or read any properties from configurations.
You can achieve that by configuring as is described in the documentation. There is an usingSsl() overload that takes a SSLContext parameter. You need to create a SSLContext that does not verify the certificate.
One possible implementation might be (never use that in a productive system!):
public final class NotVerifyingSSLContext {
private static SSLContext sslContext;
static {
try {
sslContext = createSSLContext();
} catch (NoSuchAlgorithmException | KeyManagementException e) {
throw new ExceptionInInitializerError(e);
}
}
public static SSLContext getSslContext() {
return sslContext;
}
private NotVerifyingSSLContext() {}
private static SSLContext createSSLContext() throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sslContext = SSLContext.getInstance("TLS");
TrustManager[] trustManagers = new TrustManager[] { new X509ExtendedTrustManager() {
public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) {}
public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) {}
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) {}
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) {}
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
} };
sslContext.init(null, trustManagers, null);
return sslContext;
}
}
P.J.Meisch
- 18,013
- 6
- 50
- 66