Java client for security APIs

ronniepg · July 30, 2022, 2:46am

Are the security APIs API - OpenSearch documentation exposed from the java client?

Specifically my use case is to enhance a custom monitoring plugin to check if the node certificate has expired - API - OpenSearch documentation

Also with OpenSearch 1.2.4, the get certs API does know return anything, e.g.
curl -XGET -k https://hostname:9200/_opendistro/_security/api/ssl/certs

Is this is a known issue?

pablo · August 2, 2022, 11:34am

@ronniepg You need to authenticate to talk with the OpenSearch cluster when the security plugin is enabled.
To retrieve SSL certificates you’ll need to use the admin certificate defined in plugins.security.authcz.admin_dn in opensearch.yml file.

pablo · August 2, 2022, 11:38am

@ronniepg Is that what you’re looking for?

ronniepg · August 6, 2022, 12:31am

@pablo thanks for confirming that the admin certificate is required to get the certificate details. yes i did use the authentication - removed the credentials before posting here.

Regarding the Java APIs for the security plugin, i was wondering of there was some similar to Security APIs | Java REST Client [7.17] | Elastic

pablo · August 8, 2022, 12:30pm

@ronniepg As far as I can see in the docs, there is no Java high-Level REST client for the OpenSearch’s security module.

You can create a feature request in the OpenSearch GitHub.

Topic		Replies	Views
Security Opensearch Security	1	196	March 14, 2024
Opensearch security plugin with certificate chain Security	10	1667	June 12, 2024
How to setup/use Java OpenSearch client OpenSearch Client Libraries opensearch-java	1	1366	February 9, 2022
OpenSearch client certificate authentication Security	4	1747	May 6, 2022
Client certificate authentication - between Dashboard and Elastic nodes failing Security troubleshoot	11	2171	January 28, 2022

Java client for security APIs

Related topics