Open arnitolog opened 5 years ago
ncliang
commented
4 years ago @arnitolog hope that you were able to workaround the issue. I did just send out https://github.com/confluentinc/kafka-connect-elasticsearch/pull/410 to add this feature to disable hostname verification when the elastic.https.ssl.endpoint.identification.algorithm is set to empty string.
ehausig
commented
4 years ago @ncliang I've run into the same issue recently and am glad that it's being addressed. When implementing this change, I suggest using an explicit value of none instead of using a blank (or zero-length string in the case of JSON). Not sure if this is feasible or not, but I generally find working with "blanks" more difficult to troubleshoot.
andrewthad
commented
4 years ago This is still broken. It would great if someone could correct the documentation to make it clear that it is not possible to disable verification.
vimalmpatel
commented
3 years ago any update on this ?
manishkaushik29
commented
2 years ago any update on this.
Hello, according to the documentations, there is an option in place: elastic.https.ssl.endpoint.identification.algorithm (https://docs.confluent.io/5.2.1/connect/kafka-connect-elasticsearch/configuration_options.html)
But seems like it is not really present. I tried to set it to "" or "none", but still got the error:
javax.net.ssl.SSLPeerUnverifiedException: Host name 'logging-cluster-es-client-service.default.svc.cluster.local' does not match the certificate subject provided by the peeris there a way to disable host verification?