Open sbhatt765 opened 3 years ago
Getting following error-
[root@smb-sipp-green bwlogreceiver]# curl --cacert /root/truststore.jks -u sbhatt765:***** https://datax-smb-logger-hoc-b-001.logging.comcast.net:9200 curl: (77) Problem with the SSL CA cert (path? access rights?)
However, it works when I omit the cacert part -
[root@smb-sipp-green bwlogreceiver]# curl /root/truststore.jks -u sbhatt765:***** https://datax-smb-logger-hoc-b-001.logging.comcast.net:9200 curl: (3) malformed { "name" : "datax-smb-logger-hoc-b-001.logging.comcast.net", "cluster_name" : "datax-smb-logger_e6aff5bd-40b0-48cc-a994-5bfd1904b5e2", "cluster_uuid" : "nqBL7htPST64fk36Q52opA", "version" :
{ "number" : "7.10.2", "build_flavor" : "oss", "build_type" : "rpm", "build_hash" : "747e1cc71def077253878a59143c1f785afa92b9", "build_date" : "2021-01-13T00:42:12.435326Z", "build_snapshot" : false, "lucene_version" : "8.7.0", "minimum_wire_compatibility_version" : "6.8.0", "minimum_index_compatibility_version" : "6.0.0-beta1" } , "tagline" : "You Know, for Search" }
I exported the certificate for https://datax-smb-logger-hoc-b-001.logging.comcast.net in DER encoded binary X.509(.CER) and then used following commands to create the .jks file
openssl x509 -inform der -in Certificate.cer -out Certificate.pem
keytool -keystore Certificate.jks -alias CARoot -import -file Certificate.pem
Need to know what's the underlying issue with the SSL CA cert
Getting following error-
[root@smb-sipp-green bwlogreceiver]# curl --cacert /root/truststore.jks -u sbhatt765:***** https://datax-smb-logger-hoc-b-001.logging.comcast.net:9200 curl: (77) Problem with the SSL CA cert (path? access rights?)
However, it works when I omit the cacert part -
[root@smb-sipp-green bwlogreceiver]# curl /root/truststore.jks -u sbhatt765:***** https://datax-smb-logger-hoc-b-001.logging.comcast.net:9200 curl: (3) malformed
{
"name" : "datax-smb-logger-hoc-b-001.logging.comcast.net",
"cluster_name" : "datax-smb-logger_e6aff5bd-40b0-48cc-a994-5bfd1904b5e2",
"cluster_uuid" : "nqBL7htPST64fk36Q52opA",
"version" :
{ "number" : "7.10.2", "build_flavor" : "oss", "build_type" : "rpm", "build_hash" : "747e1cc71def077253878a59143c1f785afa92b9", "build_date" : "2021-01-13T00:42:12.435326Z", "build_snapshot" : false, "lucene_version" : "8.7.0", "minimum_wire_compatibility_version" : "6.8.0", "minimum_index_compatibility_version" : "6.0.0-beta1" } , "tagline" : "You Know, for Search" }
I exported the certificate for https://datax-smb-logger-hoc-b-001.logging.comcast.net in DER encoded binary X.509(.CER) and then used following commands to create the .jks file
openssl x509 -inform der -in Certificate.cer -out Certificate.pem
keytool -keystore Certificate.jks -alias CARoot -import -file Certificate.pem
Need to know what's the underlying issue with the SSL CA cert