Http client did not trust this server s certificate closing connection – How to solve this Elasticsearch error

Opster Team

Aug-23, Version: 6.8-6.8

Briefly, this error occurs when the Elasticsearch HTTP client cannot verify the SSL/TLS certificate of the server it’s trying to connect to. This could be due to an expired certificate, a self-signed certificate, or a certificate from an untrusted source. To resolve this issue, you can either update the certificate with a valid one from a trusted Certificate Authority, or configure the Elasticsearch client to trust the server’s certificate. If it’s a self-signed certificate, you need to add it to the client’s truststore. Always ensure your certificates are up-to-date to avoid such issues.

This guide will help you check for common problems that cause the log ” Http client did not trust this server’s certificate; closing connection {} ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: client and plugin.

Log Context

Log “Http client did not trust this server’s certificate; closing connection {}” classname is SecurityNetty4HttpServerTransport.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         } else if (isReceivedCertificateUnknownException(cause)) {
            if (logger.isTraceEnabled()) {
                logger.trace(new ParameterizedMessage("http client did not trust server's certificate; closing connection {}";
                                ctx.channel()); cause);
            } else {
                logger.warn("http client did not trust this server's certificate; closing connection {}"; ctx.channel());
            }
            ctx.channel().close();
        } else {
            super.exceptionCaught(ctx; cause);
        }




 

How helpful was this guide?

We are sorry that this post was not useful for you!

Let us improve this post!

Tell us how we can improve this post?