我正在尝试通过Python从我的localhost访问ElasticSearch AWS(我可以通过浏览器访问它)。
from elasticsearch import Elasticsearch
ELASTIC_SEARCH_ENDPOINT = 'https://xxx'
es = Elasticsearch([ELASTIC_SEARCH_ENDPOINT])
我收到此错误:
ImproperlyConfigured('Root certificates are missing for certificate validation. Either pass them in using the ca_certs parameter or install certifi to use it automatically.',)
我该如何访问它?我没有配置任何证书,我只解放了可以访问ElasticSearch Service的IP。
答案 0 :(得分:13)
for python 3.5 install certifi并使用ca_certs = certifi.where()这将传递证书
import certifi
from elasticsearch import Elasticsearch
host = 'https://###########.ap-south-1.es.amazonaws.com'
es = Elasticsearch([host], use_ssl=True, ca_certs=certifi.where())
答案 1 :(得分:9)
elasticsearch-py不附带默认的根证书集。要使用SSL证书验证,您需要将自己指定为ca_certs或安装将自动获取的证书。
from elasticsearch import Elasticsearch
# you can use RFC-1738 to specify the url
es = Elasticsearch(['https://user:secret@localhost:443'])
# ... or specify common parameters as kwargs
# use certifi for CA certificates
import certifi
es = Elasticsearch(
['localhost', 'otherhost'],
http_auth=('user', 'secret'),
port=443,
use_ssl=True
)
# SSL client authentication using client_cert and client_key
es = Elasticsearch(
['localhost', 'otherhost'],
http_auth=('user', 'secret'),
port=443,
use_ssl=True,
ca_certs='/path/to/cacert.pem',
client_cert='/path/to/client_cert.pem',
client_key='/path/to/client_key.pem',
)
答案 2 :(得分:5)
我是这样做的并且有效:
localhost答案 3 :(得分:2)
您还可以使用boto3生成临时访问密钥&秘密密钥。
import boto3
region = 'ap-southeast-2'
service = 'es'
session = boto3.Session()
credentials = session.get_credentials()
awsauth = AWS4Auth(credentials.access_key, credentials.secret_key,region, service,session_token=credentials.token)
es = Elasticsearch(
hosts = [{'host': host, 'port': 443}],
http_auth = awsauth,
use_ssl = True,
verify_certs = True,
connection_class = RequestsHttpConnection
)
https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-indexing.html