WintersMichael
commented
3 years ago I came here to report similar. Running with docker run -it --rm -p 5000:5000 -e HQ_VERIFY_CERTS=False elastichq/elasticsearch-hq and seeing the above error.
Open obsd-guru opened 3 years ago
WintersMichael
commented
3 years ago I came here to report similar. Running with docker run -it --rm -p 5000:5000 -e HQ_VERIFY_CERTS=False elastichq/elasticsearch-hq and seeing the above error.
Ohlnielsen
commented
3 years ago I am no expert at this, but this solved my similar issue (adding the enable SSL variable): docker run --rm -p 5000:5000 -e "HQ_ENABLE_SSL=True" -e "HQ_VERIFY_CERTS=False" elastichq/elasticsearch-hq
Connected successfully to elasticsearch (from ElasticHQ webpage) using https://[ip]:9200
sangdrax8
commented
3 years ago I have tried passing this variable, and still have issues connectiong. Since the only error is "bad certificate" I would guess it is still trying to verify the self signed cert.
hummermania
commented
2 years ago Connect to ES cluster with self-signed certificates successfully.
Write environment file on any path:
HQ_VERIFY_CERTS=False HQ_DEFAULT_URL=https://[HOST]:9200/ HQ_CA_CERTS=/path/to/ca.pem <= Issuer CA HQ_ENABLE_SSL=True
And run container using env file:
docker run --env-file /path/to/env -p 5000:5000 elastichq/elasticsearch-hq
General information
running elastichq as a container in an k8s enviroment, running " elastichq/elasticsearch-hq" from dockerhub.
Issue Description
access Elastic Cluster with no SSL : works access Elastic Cluster with valid SSL : works access Elastic Cluster with self-signed SSL : doenst work HQ_VERIFY_CERTS is set to False
Source Code / Logs
in the logs are lines like
Message: 'Unable to create connection to: https://10.10.10.10:9200' Arguments: (SSLError(MaxRetryError("HTTPSConnectionPool(host='10.10.10.10', port=9200): Max retries exceeded with url: / (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))",),),)
Be Patient
i will, but still looking forward for any tips ;)