Set verify_certs=False yet elasticsearch.Elasticsearch throws SSL error for certificate verify failed
Question:
self.host=”KibanaProxy”
self.Port=”443″
self.user=”test”
self.password=”test”
I need to suppress certificate validation. It works with curl when using option -k on command line. But while connecting using elasticsearch.Elasticsearch from Elasticsearch python module, it throws error.
_es2 = Elasticsearch([self.host], port=self.port, scheme="https", http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
_es2.info()
Error:
raise SSLError('N/A', str(e), e)
elasticsearch.exceptions.SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed (_ssl.c:590)) caused by: SSLError([SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590))```
Answers:
Found it.
While reading this post https://github.com/elastic/elasticsearch-py/issues/275, i got to know about connection_class. Looked for some standard or predefined method related to it so found https://elasticsearch-py.readthedocs.io/en/master/transports.html
Solution:
from elasticsearch import RequestsHttpConnection
…..
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
print(es.ping())
$ ./sn.py
True
In addition to Sonali’s answer, as of September 2022, the Python Elasticsearch client does not allow function parameter use_ssl=True
Adding only verify_certs=False parameter fixed my case:
Elasticsearch(hosts=[address], basic_auth=[user, password], verify_certs=False)
And es.ping() does not let you know what is the error, just returns False. In order to see the error details, you can use this single line of code
print(es.info())
TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)))
self.host=”KibanaProxy”
self.Port=”443″
self.user=”test”
self.password=”test”
I need to suppress certificate validation. It works with curl when using option -k on command line. But while connecting using elasticsearch.Elasticsearch from Elasticsearch python module, it throws error.
_es2 = Elasticsearch([self.host], port=self.port, scheme="https", http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
_es2.info()
Error:
raise SSLError('N/A', str(e), e)
elasticsearch.exceptions.SSLError: ConnectionError([SSL: CERTIFICATE_VERIFY_FAILED]
certificate verify failed (_ssl.c:590)) caused by: SSLError([SSL:
CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:590))```
Found it.
While reading this post https://github.com/elastic/elasticsearch-py/issues/275, i got to know about connection_class. Looked for some standard or predefined method related to it so found https://elasticsearch-py.readthedocs.io/en/master/transports.html
Solution:
from elasticsearch import RequestsHttpConnection
…..
_es2 = Elasticsearch([self.host], port=self.port, connection_class=RequestsHttpConnection, http_auth=(self.user, self.password), use_ssl=True, verify_certs=False)
print(es.ping())
$ ./sn.py
True
In addition to Sonali’s answer, as of September 2022, the Python Elasticsearch client does not allow function parameter use_ssl=True
Adding only verify_certs=False parameter fixed my case:
Elasticsearch(hosts=[address], basic_auth=[user, password], verify_certs=False)
And es.ping() does not let you know what is the error, just returns False. In order to see the error details, you can use this single line of code
print(es.info())
TLS error caused by: TlsError(TLS error caused by: SSLError([SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:997)))