[
https://issues.apache.org/jira/browse/BEAM-7519?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17115600#comment-17115600
]
Yu Watanabe commented on BEAM-7519:
-----------------------------------
In general, elasticsearch provides its own self-signed certificate and is not
required to set mutual authentication .
[https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#tls-http]
Depending on strictness of securing the connection, I thought disabling clinet
side certificate might be an option.
Reading the [Basic code
requirements|[https://beam.apache.org/documentation/io/developing-io-java/]] ,
it does not state about the strctness of SSL connection so I thought above
might be a option.
> Improve work with SSL/TLS certificates in SDK IO, for Google Dataflow
> ---------------------------------------------------------------------
>
> Key: BEAM-7519
> URL: https://issues.apache.org/jira/browse/BEAM-7519
> Project: Beam
> Issue Type: Wish
> Components: io-ideas, io-java-elasticsearch, io-java-gcp,
> io-java-kafka
> Reporter: Oleksandr Priadko
> Priority: P2
>
> Sinks like Kafka or Elasticsearch have worked with SSL/TLS. But all of these
> can read only certificates from a local machine (use
> java.io.File#File(java.lang.String).
> In the case of Google Dataflow, we can not easily copy files to a worker, I
> see two possible variants to read certificates from the worker:
> 1) somehow copy certificates to a worker from GC Storage
> 2) in Kafka IO or Elasticsearch IO read certificates directly from GC Storage
> Any thoughts about how I can solve this issue easily or mb other variants
> will be helpful.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
