疲劳是最舒适的枕头,努力工作吧。

esj集群连接报错问题

Elasticsearch | 作者 king0406 | 发布于2019年09月18日 | 阅读数:10404

es集群连接报错:
Caused by: ElasticsearchException[failed to initialize a TrustManagerFactory]; nested: IOException[keystore password was incorrect]; nested: UnrecoverableKeyException[failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.];
        at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:61)
        at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:394)
        at java.util.HashMap.computeIfAbsent(HashMap.java:1127)
        at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:461)
        at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:103)
        at org.elasticsearch.xpack.core.XPackClientPlugin.getTransports(XPackClientPlugin.java:490)
        ... 72 more
Caused by: java.io.IOException: keystore password was incorrect
        at sun.security.pkcs12.PKCS12KeyStore.engineLoad(PKCS12KeyStore.java:2059)
        at java.security.KeyStore.load(KeyStore.java:1445)
        at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:89)
        at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:58)
        ... 77 more
Caused by: java.security.UnrecoverableKeyException: failed to decrypt safe contents entry: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
        ... 81 more
证书和用户密码都核对过没有问题,请教是哪里出错了
已邀请:

wangzehao

赞同来自: mediaDoraemon

还有可能是Java连接ES的配置错了,我之前是:
.put("xpack.security.transport.ssl.truststore.path", elastic-certificates.p12的路径)
.put("xpack.security.transport.ssl.keystore.path", elastic-certificates.p12的路径)
就报了同样的错误(一字不差),后来改成
.put("xpack.security.transport.ssl.keystore.path", elastic-certificates.p12的路径)
.put("xpack.security.transport.ssl.keystore.password", password)
解决。

king0406

赞同来自:

已解决,es集群证书的问题,重新生成一份就好了https://www.tianmingxing.com/2 ... 25BD/

要回复问题请先登录注册