0

I have an elastic search server with security enabled. I have a Java application (a Restful service running inside Tomcat) which attempts to connect to the elastic search using the HTTP RestClient (So version differences between the elastic search server and the java application should not be an issue). Both instances are running in the same VPN on Azure. I have imported the elastic search server's certificates to the JDK keystore in the Java application instance, but connection to the elastic search server fails with the following exception:

java.net.ConnectException: Connection refused
        at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method) ~[?:1.8.0_362]
        at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:716) ~[?:1.8.0_362]
        at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvent(DefaultConnectingIOReactor.java:171) ~[httpcore-nio-4.4.5.jar:4.4.5]
        at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvents(DefaultConnectingIOReactor.java:145) ~[httpcore-nio-4.4.5.jar:4.4.5]
        at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor.execute(AbstractMultiworkerIOReactor.java:348) ~[httpcore-nio-4.4.5.jar:4.4.5]
        at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager.execute(PoolingNHttpClientConnectionManager.java:192) ~[httpasyncclient-4.1.2.jar:4.1.2]
        at org.apache.http.impl.nio.client.CloseableHttpAsyncClientBase$1.run(CloseableHttpAsyncClientBase.java:64) ~[httpasyncclient-4.1.2.jar:4.1.2]
        at java.lang.Thread.run(Thread.java:750) [?:1.8.0_362]

There is no network connectivity issue between the two instances. I have verified this by executing the following curl request on the same instance where the Java application is running:

sudo curl --cacert /path/to/my/http_ca.crt -u elastic https://x.x.x.x:9200

The same CA certificate is imported into the Java keystore also. I have a similar setup in my test environment and the Java application is able to connect to the test elastic search server instance. This indicates that the code doesn't have any issues. What else could be going wrong?

Shobhana Sriram
  • 394
  • 1
  • 2
  • 14

1 Answers1

1

It is look like your es server don't listen on the port in your target instance Check your the elasticsearch config at your code carefully, like host, port, username etc.

nolan4954
  • 11
  • 1
  • Thanks @nolan4954 for taking time to respond. I have checked and ensured that the port is correct in my Java code; All configs like port, user name, password, etc are correct. I have verified this by adding logs as well – Shobhana Sriram Jul 18 '23 at 10:33
  • whether the VM that deploying your Java Executable application to access ES server, has installed the VPN software? That may have some model such as PAC, Global proxy model. I had meet the familiar scenario, connected successfully by running command at terminal but failure with running applicaiton, and solved it finally by setting VPN Proxy Model to Global. Wish To help you! :) – nolan4954 Jul 18 '23 at 14:50