“Golang Elastic Search 安全自动配置 HTTP CA 证书” 不被信任。

huangapple go评论83阅读模式
英文:

Golang elastic search security auto-configuration HTTP CA” certificate is not trusted

问题

我是你的中文翻译助手,以下是翻译好的内容:

我是golang的新手,尝试使用go的默认包(go-elasticsearch)连接到Elasticsearch。以下是我尝试使用的连接代码:

Elasticsearch配置:

var _elasticSearchConfiguration = elasticsearch.Config{
	Addresses: []string{
		"https://localhost:9200",
	},
	Username: "elastic",
	Password: "123456",
	Transport: &http.Transport{
		MaxIdleConnsPerHost:   10,
		ResponseHeaderTimeout: time.Second,
		DialContext:           (&net.Dialer{Timeout: time.Second}).DialContext,
		TLSClientConfig: &tls.Config{
		  MinVersion:         tls.VersionTLS12,
		},
	},	
}

使用上述配置:

func GetAllJsonObjectDemos(responseWriter http.ResponseWriter, request *http.Request) {
	_elasticsearch, err := elasticsearch.NewClient(_elasticSearchConfiguration)
	if err != nil {
		log.Fatalf("Error creating elasticsearch client: %v", err)
	}
	elasticSearchResponse, err := _elasticsearch.Info()
	if err != nil {
		log.Fatalf("Error getting response: %s", err)
	}
	defer elasticSearchResponse.Body.Close()
	log.Println(elasticSearchResponse)
}

我真的很想知道我在这里漏掉了什么,感谢所有的贡献者。

我期待着golang和Elasticsearch的连接代码,或者任何建议。

英文:

I am new to golang, trying to conenct golang with elastic search below is my code which I tried to connect using default package of go (go-elasticsearch)

Elastic Search Configuration

var _elasticSearchConfiguration = elasticsearch.Config{
	Addresses: []string{
		"https://localhost:9200",
	},
	Username: "elastic",
	Password: "123456",
	Transport: &http.Transport{
		MaxIdleConnsPerHost:   10,
		ResponseHeaderTimeout: time.Second,
		DialContext:           (&net.Dialer{Timeout: time.Second}).DialContext,
		TLSClientConfig: &tls.Config{
		  MinVersion:         tls.VersionTLS12,
		},
	},	
}

usage of the above configuration

func GetAllJsonObjectDemos(responseWriter http.ResponseWriter, request *http.Request) {
	_elasticsearch, err := elasticsearch.NewClient(_elasticSearchConfiguration)
	if err != nil {
		log.Fatalf("Error creating elasticsearch client: %v", err)
	}
	elasticSearchResponse, err := _elasticsearch.Info()
	if err != nil {
		log.Fatalf("Error getting response: %s", err)
	}
	defer elasticSearchResponse.Body.Close()
	log.Println(elasticSearchResponse)

}

I would really like to know what Am I missing here, Thanks to all the contributors.

I am expecting Connection code of golang & elastic search or any suggestion.

答案1

得分: 1

要解决certificate is not trusted错误,你可以将证书添加到tls配置的RootCAs中。

示例代码

	rootCAs, _ := x509.SystemCertPool()
	if rootCAs == nil {
		rootCAs = x509.NewCertPool()
	}

	// 读取证书文件
	certs, err := os.ReadFile("localCertFile")

	// 将证书添加到系统池中
	rootCAs.AppendCertsFromPEM(certs)

	var _elasticSearchConfiguration = elasticsearch.Config{
		Addresses: []string{
			"https://localhost:9200",
		},
		Username: "elastic",
		Password: "123456",
		Transport: &http.Transport{
			MaxIdleConnsPerHost:   10,
			ResponseHeaderTimeout: time.Second,
			DialContext:           (&net.Dialer{Timeout: time.Second}).DialContext,
			TLSClientConfig: &tls.Config{
				RootCAs:    rootCAs,
				MinVersion: tls.VersionTLS12,
			},
		},
	}

请注意,以上代码是用于将证书添加到TLS配置中的示例代码。你需要将localCertFile替换为你实际的证书文件路径,并根据你的实际情况进行相应的修改。

英文:

To resolve the error certificate is not trusted, you could add the certificate to RootCAs of tls config.

Sample codes

	rootCAs, _ := x509.SystemCertPool()
	if rootCAs == nil {
		rootCAs = x509.NewCertPool()
	}

	// Read the cert file
	certs, err := os.ReadFile("localCertFile")

	// add our cert to the system pool
	rootCAs.AppendCertsFromPEM(certs)

	var _elasticSearchConfiguration = elasticsearch.Config{
		Addresses: []string{
			"https://localhost:9200",
		},
		Username: "elastic",
		Password: "123456",
		Transport: &http.Transport{
			MaxIdleConnsPerHost:   10,
			ResponseHeaderTimeout: time.Second,
			DialContext:           (&net.Dialer{Timeout: time.Second}).DialContext,
			TLSClientConfig: &tls.Config{
				RootCAs:    rootCAs,
				MinVersion: tls.VersionTLS12,
			},
		},
	}

huangapple
  • 本文由 发表于 2022年10月28日 13:34:19
  • 转载请务必保留本文链接:https://go.coder-hub.com/74231036.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定