需要使用 java 代码中的传输客户端连接到具有 https 身份验证的安全弹性搜索。我有用户 ID 和密码来连接安全弹性。我使用的是elasticsearch 7.10.0。
try {
Settings settings = Settings.builder().put("cluster.name", clusterName)
.put("xpack.security.user", "elastic:elastic")
.put("xpack.security.transport.ssl.enabled", "true")
.put("xpack.ssl.key", "/etc/elasticsearch/elasticsearch.keystore")
.put("xpack.ssl.certificate", "/etc/elasticsearch/elastic-certificates.p12")
.put("xpack.ssl.certificate_authorities", "/etc/elasticsearch/elastic-stack-ca.p12")
.put("xpack.security.transport.ssl.enabled", "true")
.build();
ESclient = new PreBuiltTransportClient(settings);
//changes for add multiple IP address
String[] hosts = elasticHost.split(",");
for (String host : hosts) {
ESclient.addTransportAddress(new TransportAddress(InetAddress.getByName(host.trim()), elasticPort));
}
System.out.println(ESclient.settings());
} catch (UnknownHostException ex) {
System.out.println("Exception :" + ex);
//logger.error("Exception : " + ex);
throw ex;
}
但它显示错误:
java.lang.IllegalArgumentException: unknown setting [xpack.security.transport.ssl.enabled] please check that any required plugins are installed, or check the breaking changes documentation for removed settings
请让我知道上面的代码中缺少什么。提前致谢。
您不应该再使用 TCP 传输客户端,因为它已经被7.0 中已弃用 https://www.elastic.co/guide/en/elasticsearch/client/java-api/current/transport-client.html。相反,你应该使用休息客户端 https://www.elastic.co/guide/en/elasticsearch/client/java-rest/current/index.html它通过 HTTP 与您的集群进行通信。
如果您需要通过以下方式沟通集群的 HTTPS https://www.elastic.co/guide/en/elasticsearch/client/java-rest/current/_encrypted_communication.html,以下是如何使用 REST 客户端执行此操作:
// 1. create an SSL context to trust the CA that signed the ES server certificate
String keyStorePass = "keystorePassword";
Path trustStorePath = Paths.get("/etc/elasticsearch/elastic-stack-ca.p12");
KeyStore truststore = KeyStore.getInstance("pkcs12");
try (InputStream is = Files.newInputStream(trustStorePath)) {
truststore.load(is, keyStorePass.toCharArray());
}
SSLContextBuilder sslBuilder = SSLContexts.custom().loadTrustMaterial(truststore, null);
final SSLContext sslContext = sslBuilder.build();
// 2. Basic authentication
final CredentialsProvider credsProvider = new BasicCredentialsProvider();
credsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "password"));
// 3. Changes for add multiple IP address
String[] hosts = elasticHost.split(",");
HttpHost[] httpHosts = Arrays.stream(hosts)
.map(host -> new HttpHost(host.trim(), elasticPort, "https"))
.collect(Collectors.toList())
.toArray(new HttpHost[hosts.length]);
// 4. Build the low-level client
RestClientBuilder builder = RestClient.builder(httpHosts)
.setHttpClientConfigCallback(new HttpClientConfigCallback() {
@Override
public HttpAsyncClientBuilder customizeHttpClient(
HttpAsyncClientBuilder httpClientBuilder) {
// set Basic credentials
httpClientBuilder.setDefaultCredentialsProvider(credsProvider);
// set SSL context
return httpClientBuilder.setSSLContext(sslContext);
}
});
// 5. Build the high-level client
RestHighLevelClient client = new RestHighLevelClient(builder);
如果您需要迁移Java代码以使用新的RETS客户端,官方文档提供了分步指南 https://www.elastic.co/guide/en/elasticsearch/client/java-rest/7.0/java-rest-high-level-migration.html关于需要做什么。
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)
