public OpenDistroElasticsearchClient(Uri elasticSearchUri, ILogger <OpenDistroElasticsearchClient> logger)
{
_logger = logger;
var userInfo = elasticSearchUri.UserInfo.Split(':');
var user = userInfo[0];
var password = userInfo[1];
var rootCaCert = new X509Certificate2("root-ca.pem");
var httpClientHandler = new HttpClientHandler
{
ServerCertificateCustomValidationCallback = (message, cert, chain, errors) =>
{
chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
chain.ChainPolicy.ExtraStore.Add(rootCaCert);
chain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllowUnknownCertificateAuthority;
return(chain.Build(cert));
}
};
var authHeader = new AuthenticationHeaderValue("Basic", Convert.ToBase64String(Encoding.UTF8.GetBytes($"{user}:{password}")));
_httpClient = new HttpClient(httpClientHandler, true)
{
BaseAddress = elasticSearchUri
};
_httpClient.DefaultRequestHeaders.Authorization = authHeader;
var nestSettings = new ConnectionSettings(elasticSearchUri)
.BasicAuthentication(user, password)
.ServerCertificateValidationCallback(CertificateValidations.AuthorityIsRoot(rootCaCert));
_elasticClient = new ElasticClient(nestSettings);
}
public LogRepository(Uri elasticSearchUri)
{
var userInfo = elasticSearchUri.UserInfo.Split(':');
var user = userInfo[0];
var password = userInfo[1];
var rootCaCert = new X509Certificate2("root-ca.pem");
var nestSettings = new ConnectionSettings(elasticSearchUri)
.BasicAuthentication(user, password)
.ServerCertificateValidationCallback(CertificateValidations.AuthorityIsRoot(rootCaCert));
_elasticClient = new ElasticClient(nestSettings);
}
private ElasticClient GetConnection(DBType dBType, string index, string user, string pwd)
{
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var uris = dBType.GetUris();
string certPath = dBType.GetCert();
if (certPath != null)
{
var connectionPool = new SniffingConnectionPool(uris);
var settings = new ConnectionSettings(connectionPool);
settings.RequestTimeout(TimeSpan.FromMinutes(10));
if (certPath != "NOT_NEEDED")
{
X509Certificate cert = new X509Certificate(certPath);
settings.ServerCertificateValidationCallback(CertificateValidations.AuthorityIsRoot(cert));
}
else
{
ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback(delegate { return(true); });
}
if ((uris != null) && uris.Count() == 1)
{
var pool = new SingleNodeConnectionPool(uris.First());
var defaultIndex = index;
settings = new ConnectionSettings(pool);
}
settings.BasicAuthentication(user, pwd);
settings.DefaultIndex(index);
ElasticClient elkClient = new ElasticClient(settings);
return(elkClient);
}
else
{
return(null);
}
}
//Class Funtions
private ElasticClient CreateNewClient()
{
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
IConnectionPool connectionPool;
if (_ConnectionManager.Uris.Length > 0)
{
if (_ConnectionManager.Uris.Length > 1)
{
connectionPool = new SniffingConnectionPool(_ConnectionManager.Uris);
}
else
{
connectionPool = new SingleNodeConnectionPool(_ConnectionManager.Uris[0]);
}
}
else
{
throw new Exception("Uris can not be null or empty");
}
ConnectionSettings settings = new ConnectionSettings(connectionPool);
if (_ConnectionManager.CertificateFilePath != null)
{
X509Certificate certificate = new X509Certificate(_ConnectionManager.CertificateFilePath);
settings.ServerCertificateValidationCallback(CertificateValidations.AuthorityIsRoot(certificate));
}
else
{
settings.ServerCertificateValidationCallback(CertificateValidations.AllowAll);
}
settings.BasicAuthentication(_ConnectionManager.UserName, _ConnectionManager.Password);
settings.RequestTimeout(_ConnectionManager.ConnectionTimeOut ?? TimeSpan.FromMinutes(1));
ElasticClient client = new ElasticClient(settings);
return(client);
}
protected override ConnectionSettings ConnectionSettings(ConnectionSettings s) => s
.ServerCertificateValidationCallback(
CertificateValidations.AuthorityPartOfChain(new X509Certificate(this.ClusterConfiguration.FileSystem.UnusedCaCertificate))
);
protected override ConnectionSettings ConnectionSettings(ConnectionSettings s) => s
.ServerCertificateValidationCallback(
CertificateValidations.AuthorityIsRoot(new X509Certificate(this.Node.FileSystem.CaCertificate))
);
