lmenezes / cerebro

MIT License
5.51k stars 714 forks

Can't use cerebro against elastic cloud #543

Open aalemanq opened 2 years ago

aalemanq commented 2 years ago

I am trying to manage my elastic cloud using cerebro but I cannot connect to it:

Cerebro error:

```
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | [error] p.a.h.DefaultHttpErrorHandler -
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 |
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | ! @7m5jfla5b - Internal server error, for (POST) [/connect] ->
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 |
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | play.api.UnexpectedException: Unexpected exception[ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 1]
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:355)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:261)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.core.server.AkkaHttpServer$$anonfun$2.applyOrElse(AkkaHttpServer.scala:430)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.core.server.AkkaHttpServer$$anonfun$2.applyOrElse(AkkaHttpServer.scala:422)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at scala.concurrent.impl.Promise$Transformation.run(Promise.scala:454)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | Caused by: java.net.ConnectException: No trust manager was able to validate this certificate chain: # of exceptions = 1
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener.onFailure(NettyConnectListener.java:179)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.shaded.ahc.org.asynchttpclient.netty.channel.NettyConnectListener$1.onFailure(NettyConnectListener.java:151)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.shaded.ahc.org.asynchttpclient.netty.SimpleFutureListener.operationComplete(SimpleFutureListener.java:26)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListener0(DefaultPromise.java:577)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:570)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | Caused by: javax.net.ssl.SSLHandshakeException: No trust manager was able to validate this certificate chain: # of exceptions = 1
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.TransportContext.fatal(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: No trust manager was able to validate this certificate chain: # of exceptions = 1
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.checkServerCerts(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(Unknown Source)
efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | at java.base/sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(Unknown Source)
```

Do you know how to connect to elastic cloud?

My url: https://XXX-elasticsearch.XX.XXX.aws.cloud.es.io:PORT

In the past, I was using cerebro against ES with searchguard and SSL using a cert in the cerebro conf, but... in elastic cloud, I don't have anything, no certificates... so? Any option?
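The following triage script is an added example, not part of the original thread or of cerebro: it splits a collapsed Docker Swarm service log like the one above on its `task@node | ` prefix, walks the exception headers, and reports whether the failed `/connect` is a TLS trust failure. The sample is a constructed, shortened copy of the log in this issue; the function names and category labels are hypothetical.

```python
import re

# Docker Swarm service-log prefix as seen in the issue: "<task>@<node> | "
PREFIX = re.compile(r"\S+\.\d+\.\w+@\S+\s+\|\s?")
# An exception header, with or without the "Caused by: " lead.
CAUSE = re.compile(r"(?:Caused by: )?([\w.$]+(?:Exception|Error)): (.*)")
# Java exception names that indicate certificate-chain validation failed.
TLS_MARKERS = ("SSLHandshakeException", "CertificateException",
               "CertPathValidatorException", "CertPathBuilderException")

# Constructed sample: shortened copy of the collapsed log from the issue.
P = "efk-prod_cerebro.1.rrpzfc2fo0fn@devops-worker06 | "
MSG = "No trust manager was able to validate this certificate chain: # of exceptions = 1"
SAMPLE = "".join(P + entry + " " for entry in [
    "[error] p.a.h.DefaultHttpErrorHandler -",
    "",
    "! @7m5jfla5b - Internal server error, for (POST) [/connect] ->",
    "play.api.UnexpectedException: Unexpected exception[ConnectException: " + MSG + "]",
    "at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:261)",
    "Caused by: java.net.ConnectException: " + MSG,
    "at play.shaded.ahc.io.netty.util.concurrent.DefaultPromise.notifyListeners0(DefaultPromise.java:570)",
    "Caused by: javax.net.ssl.SSLHandshakeException: " + MSG,
    "at java.base/sun.security.ssl.Alert.createSSLException(Unknown Source)",
    "Caused by: com.typesafe.sslconfig.ssl.CompositeCertificateException: " + MSG,
    "at com.typesafe.sslconfig.ssl.CompositeX509TrustManager.checkServerTrusted(CompositeX509TrustManager.scala:89)",
])

def cause_chain(blob):
    """Split a collapsed log on the Swarm prefix; return [(exception, message)]."""
    entries = (e.strip() for e in PREFIX.split(blob))
    return [m.groups() for m in map(CAUSE.match, entries) if m]

def triage(blob):
    """Classify a failed /connect by the exception names in its cause chain."""
    chain = cause_chain(blob)
    if not chain:
        return "unknown"
    if any(marker in name for name, _ in chain for marker in TLS_MARKERS):
        return "tls-trust"
    return "other"

if __name__ == "__main__":
    for name, message in cause_chain(SAMPLE):
        print(name, "->", message)
    print("category:", triage(SAMPLE))
```

A `tls-trust` result means the handshake was rejected by the client's trust manager, which happens before any HTTP request (and therefore any credential) is sent to the cluster.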

ivanovaleksandar commented 2 years ago

@aalemanq So, the config `cat /etc/cerebro/application.conf` should look something like this:

```
......

hosts = [
  {
    host = "https://xxxx.europe-west4.gcp.elastic-cloud.com:xxxx"
    name = "cluster-name"
    auth = {
      username = "cerebro"
      password = "password"
    }
  }
]
```

I haven't had any issues with the certificates, but it is possible that it is an issue with the credentials.

waynegemmell commented 1 year ago

Support for API keys would be appreciated.