Springboot项目配置Elasticsearch，设置账号密码后报 unable to find valid certification path to requested target

最新推荐文章于 2024-09-09 12:36:40 发布

慢半拍的学长

最新推荐文章于 2024-09-09 12:36:40 发布

阅读量1.7k

点赞数 2

分类专栏： Elasticsearch 开发过程中遇到的问题文章标签： elasticsearch spring boot java

本文链接：https://blog.csdn.net/htx845928748/article/details/126039723

版权

开发过程中遇到的问题同时被 2 个专栏收录

5 篇文章 1 订阅

订阅专栏

Elasticsearch

2 篇文章 0 订阅

订阅专栏

报错：
javax.net.ssl.SSLHandshakeException: General SSLEngine problem
at org.elasticsearch.client.RestClient$SyncResponseListener.get(RestClient.java:947)
at org.elasticsearch.client.RestClient.performRequest(RestClient.java:229)
at org.elasticsearch.client.RestHighLevelClient.internalPerformRequest(RestHighLevelClient.java:1762)
at org.elasticsearch.client.RestHighLevelClient.performRequest(RestHighLevelClient.java:1732)
at org.elasticsearch.client.RestHighLevelClient.performRequestAndParseEntity(RestHighLevelClient.java:1694)
at org.elasticsearch.client.RestHighLevelClient.search(RestHighLevelClient.java:1090)
at org.dexter.lab.elasticUtils.ESUtils.getLastIndexedTimeStamp(ESUtils.java:44)
at org.dexter.lab.druidUtils.DruidDelayChecker.main(DruidDelayChecker.java:357)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:141)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:126)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:392)
… 23 more

原因这是客户端（springboot配置）尝试在ssl握手的时候验证es发来的证书。

解决方法禁用掉ssl验证

添加依赖

<dependency>
    <groupId>io.github.hakky54</groupId>
    <artifactId>sslcontext-kickstart</artifactId>
    <version>7.1.0</version>
</dependency>

配置文件禁用掉ssl验证

 SSLFactory sslFactory = SSLFactory.builder()
                    .withUnsafeTrustMaterial()
                    .withUnsafeHostnameVerifier()
                    .build();

RestClientBuilder builder = RestClient.builder(new HttpHost("localhost", 9200, "https"));

final CredentialsProvider credentialsProvider = new BasicCredentialsProvider();
            credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("admin", "123456"));

 builder = builder.setHttpClientConfigCallback(httpClientBuilder -> httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider)
                    .setSSLContext(sslFactory.getSslContext())
                    .setSSLHostnameVerifier(sslFactory.getHostnameVerifier()));

 RestHighLevelClient restHighLevelClient = new RestHighLevelClient(builder);