I am trying to use the reindex api to copy an index from a remote cluster into the local cluster. What is the process for adding the cert for the remote cluster in order to connect? I have tried added the remote CA and intermediary to the plugins.security.ssl.transport.pemtrustedcas_filepath and plugins.security.ssl.http.pemtrustedcas_filepath but no luck.
Any suggestion on getting connection to a remote cluster working?
Error when trying to run reindex
{
"error" : {
"root_cause" : [
{
"type" : "s_s_l_handshake_exception",
"reason" : "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"
}
],
"type" : "s_s_l_handshake_exception",
"reason" : "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
"caused_by" : {
"type" : "validator_exception",
"reason" : "PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target",
"caused_by" : {
"type" : "sun_cert_path_builder_exception",
"reason" : "unable to find valid certification path to requested target"
}
}
},
"status" : 500
}
I am reindexing from elastic 8.7 to opensearch 1.2.0
The issue i have is that i have a cert i need to install. The cert is in my confimap but i dont know the parameter I need to set to point to the certificate
what parameter do i set in the opensearch.yml to use the cert in reindex?
When i access the elasticsearch index i added the cert to my connection object in my python code.
So what i am trying to do is add the same pem to teh helm chart and then know what param to set in the opensearch.yml.
Thanks
You can use reindex.ssl.truststore.path parameter in opensearch.yml.
Reindex API for OpenSearch 1.2 doesn’t work with the remote server ElasticSearch 8.7 in my lab. But Reindex API for OpenSearch 2.x works well with remote server ElasticSearch 8.7.