11

我正在尝试通过 Python 从我的本地主机访问 ElasticSearch AWS(我可以通过浏览器访问它)。

from elasticsearch import Elasticsearch
ELASTIC_SEARCH_ENDPOINT = 'https://xxx'
es = Elasticsearch([ELASTIC_SEARCH_ENDPOINT])

我收到此错误:

ImproperlyConfigured('Root certificates are missing for certificate validation. Either pass them in using the ca_certs parameter or install certifi to use it automatically.',)

我怎样才能访问它?我没有配置任何证书,我只是解放了可以访问ElasticSearch服务的IP。

4

4 回答 4

20

对于 python 3.5 安装 certifi 并使用 ca_certs=certifi.where() 这将通过证书

import certifi
from elasticsearch import Elasticsearch

host = 'https://###########.ap-south-1.es.amazonaws.com'

es = Elasticsearch([host], use_ssl=True, ca_certs=certifi.where())
于 2017-12-12T17:11:52.367 回答
8

elasticsearch-py 不附带默认的根证书集。要进行有效的 SSL 证书验证,您需要将自己的证书指定为 ca_certs 或安装将自动获取的证书。

from elasticsearch import Elasticsearch

# you can use RFC-1738 to specify the url
es = Elasticsearch(['https://user:secret@localhost:443'])

# ... or specify common parameters as kwargs

# use certifi for CA certificates
import certifi

es = Elasticsearch(
    ['localhost', 'otherhost'],
    http_auth=('user', 'secret'),
    port=443,
    use_ssl=True 
)

# SSL client authentication using client_cert and client_key

es = Elasticsearch(
    ['localhost', 'otherhost'],
    http_auth=('user', 'secret'),
    port=443,
    use_ssl=True,
    ca_certs='/path/to/cacert.pem',
    client_cert='/path/to/client_cert.pem',
    client_key='/path/to/client_key.pem',
)

https://elasticsearch-py.readthedocs.io/en/master/

于 2017-03-28T10:09:19.530 回答
6

我这样做了,它奏效了:

from elasticsearch import Elasticsearch, RequestsHttpConnection
from requests_aws4auth import AWS4Auth

host = 'YOURHOST.us-east-1.es.amazonaws.com'
awsauth = AWS4Auth(YOUR_ACCESS_KEY, YOUR_SECRET_KEY, REGION, 'es')

es = Elasticsearch(
    hosts=[{'host': host, 'port': 443}],
    http_auth=awsauth,
    use_ssl=True,
    verify_certs=True,
    connection_class=RequestsHttpConnection
)
print(es.info())
于 2017-05-30T22:25:17.187 回答
2

您还可以使用 boto3 生成临时访问密钥和密钥。

import boto3

region = 'ap-southeast-2'
service = 'es'
session = boto3.Session()
credentials = session.get_credentials()

awsauth = AWS4Auth(credentials.access_key, credentials.secret_key,region, service,session_token=credentials.token)

es = Elasticsearch(
    hosts = [{'host': host, 'port': 443}],
    http_auth = awsauth,
    use_ssl = True,
    verify_certs = True,
    connection_class = RequestsHttpConnection
)

https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-indexing.html

于 2018-04-19T09:55:05.387 回答