Set verify_certs=False yet elasticsearch.Elasticsearch throws SSL error for certificate verify failed
Question:
self.host=”KibanaProxy”
self.Port=”443″
self.user=”test”
self.password=”test”
I need to suppress certificate validation. It works with curl when using option -k
on command line. But while connecting using elasticsearch.Elasticsearch from Elasticsearch python module, it throws error.
_es2 = Elasticsearch([self.host], port=self.port, scheme="https", http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
_es2.info()
Error:
raise SSLError('N/A', str(e), e)
elasticsearch.exceptions.SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed (_ssl.c:590)) caused by: SSLError([SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590))```
Answers:
Found it.
While reading this post https://github.com/elastic/elasticsearch-py/issues/275, i got to know about connection_class. Looked for some standard or predefined method related to it so found https://elasticsearch-py.readthedocs.io/en/master/transports.html
Solution:
from elasticsearch import RequestsHttpConnection
…..
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
print(es.ping())
$ ./sn.py
True
In addition to Sonali’s answer, as of September 2022, the Python Elasticsearch client does not allow function parameter use_ssl=True
Adding only verify_certs=False
parameter fixed my case:
Elasticsearch(hosts=[address], basic_auth=[user, password], verify_certs=False)
And es.ping()
does not let you know what is the error, just returns False
. In order to see the error details, you can use this single line of code
print(es.info())
TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)))
self.host=”KibanaProxy”
self.Port=”443″
self.user=”test”
self.password=”test”
I need to suppress certificate validation. It works with curl when using option -k
on command line. But while connecting using elasticsearch.Elasticsearch from Elasticsearch python module, it throws error.
_es2 = Elasticsearch([self.host], port=self.port, scheme="https", http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
_es2.info()
Error:
raise SSLError('N/A', str(e), e)
elasticsearch.exceptions.SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed (_ssl.c:590)) caused by: SSLError([SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590))```
Found it.
While reading this post https://github.com/elastic/elasticsearch-py/issues/275, i got to know about connection_class. Looked for some standard or predefined method related to it so found https://elasticsearch-py.readthedocs.io/en/master/transports.html
Solution:
from elasticsearch import RequestsHttpConnection
…..
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
print(es.ping())
$ ./sn.py
True
In addition to Sonali’s answer, as of September 2022, the Python Elasticsearch client does not allow function parameter use_ssl=True
Adding only verify_certs=False
parameter fixed my case:
Elasticsearch(hosts=[address], basic_auth=[user, password], verify_certs=False)
And es.ping()
does not let you know what is the error, just returns False
. In order to see the error details, you can use this single line of code
print(es.info())
TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)))