Details
-
Bug
-
Status: Open
-
P3
-
Resolution: Unresolved
-
2.15.0
-
None
-
None
Description
While creating the rest client in ElasticsearchIO, the httpClientConfigCallback is overridden by the step to set the key store.
Making it not possible to use a custom key store with basic auth.
if (getUsername() != null) { final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials( AuthScope.ANY, new UsernamePasswordCredentials(getUsername(), getPassword())); restClientBuilder.setHttpClientConfigCallback( httpAsyncClientBuilder -> httpAsyncClientBuilder.setDefaultCredentialsProvider(credentialsProvider)); } if (getKeystorePath() != null && !getKeystorePath().isEmpty()) { try { KeyStore keyStore = KeyStore.getInstance("jks"); try (InputStream is = new FileInputStream(new File(getKeystorePath()))) { String keystorePassword = getKeystorePassword(); keyStore.load(is, (keystorePassword == null) ? null : keystorePassword.toCharArray()); } final SSLContext sslContext = SSLContexts.custom() .loadTrustMaterial(keyStore, new TrustSelfSignedStrategy()) .build(); final SSLIOSessionStrategy sessionStrategy = new SSLIOSessionStrategy(sslContext); restClientBuilder.setHttpClientConfigCallback( httpClientBuilder -> httpClientBuilder.setSSLContext(sslContext).setSSLStrategy(sessionStrategy)); } catch (Exception e) { throw new IOException("Can't load the client certificate from the keystore", e); } }