[BEAM-10723] SSL authentication key set to trustMaterial instead of keyMaterial - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Open
Priority: P3
Resolution: Unresolved
Affects Version/s: 2.19.0
Fix Version/s: None
Component/s: io-java-elasticsearch
Labels:
None

Description

If I set
ElasticsearchIO.ConnectionConfiguration#withKeystorePath
the keystore is set to trustMaterial which I think is wrong, because this keystore is suppose to be truststore for certificates.

So if I use keyStoreKey instead of username and pass:

  ElasticsearchIO.write()
      .withConnectionConfiguration(
      ElasticsearchIO.ConnectionConfiguration
          .create(config.addresses().toArray(new String[0]), config.index(), config.type())
      .withKeystorePath(config.keystorePath())
        .withKeystorePassword("somepassword")
        .withTrustSelfSignedCerts(true));

I cannot authenticate.

I got

Caused by: javax.net.ssl.SSLException: Received fatal alert: bad_certificate

because the authetication key is set to trustMaterial instead of keyMaterial

SSLContexts.custom().loadTrustMaterial(keyStore, trustStrategy).build();

via code

I am working on fix

Attachments

Issue Links

links to

GitHub Pull Request #12610

Activity

People

Assignee:: Unassigned

Reporter:: Marek Simunek

Votes:: 1 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 18/Aug/20 08:54

Updated:: 04/Jun/22 18:03

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

1h 20m