I try to connect to Elasticsearch with Searchguard from Spring Boot app.
I create a bean for TransportClient. It looks like that:
Settings settings = Settings.builder()
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_TYPE, "PKCS12")
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_FILEPATH, keyStore)
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_PASSWORD, keyPassword)
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_TRUSTSTORE_FILEPATH, trustStore)
.put("cluster.name", clusterName)
.build();
TransportClient client = new PreBuiltTransportClient(settings, SearchGuardPlugin.class);
TransportAddress[] addresses = clusterNodes.stream()
.map(node -> {
String[] url = StringUtils.deleteWhitespace(node).split(":");
return new TransportAddress(new InetSocketAddress(url[0], Integer.parseInt(url[1])));
}).toArray(TransportAddress[]::new);
client.addTransportAddresses(addresses);
I have my repository extended ElasticsearchRepository.
But I receive a strange exception when my app starts:
ERROR com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport - SSL Problem error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE javax.net.ssl.SSLHandshakeException: error:10000410:SSL routines:OPENSSL_internal:SSLV3_ALERT_HANDSHAKE_FAILURE
What can be a reason? What part of code should I check?
I have another app which uses ElasticsearchTemplate directly (only SearchQuery). And there I don't have any problems.
Elasticsearch version: 6.4.3
Fixed, when I set searchguard.ssl.transport.enable_openssl_if_available to false:
...
.put(SSLConfigConstants.SEARCHGUARD_SSL_TRANSPORT_ENABLE_OPENSSL, false)
...