Log Exporter is not using https; but using user authentication with plaintext – How To Solve Related Issues


Log Exporter is not using https; but using user authentication with plaintext – How To Solve Related Issues

Opster Team

Jan-20, Version: 1.7-8.0

 

Before you begin reading this guide, we recommend you try running the Elasticsearch Error Check-Up which can resolve issues that cause many errors.

This guide will help you check for common problems that cause the log ” Exporter is not using https; but using user authentication with plaintext ” to appear. It’s important to understand the issues related to the log, so to get started, read the general overview on common issues and tips related to the Elasticsearch concepts: plugin.

Advanced users might want to skip right to the common problems section in each concept or try running the Check-Up which analyses ES to pinpoint the cause of many errors and provides suitable actionable recommendations how to resolve them (free tool that requires no installation).

Log context

Log “Exporter [{}] is not using https; but using user authentication with plaintext” classname is HttpExporter.java
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         }
        final CredentialsProvider credentialsProvider = createCredentialsProvider(config);
        List hostList = HOST_SETTING.getConcreteSettingForNamespace(config.name()).get(config.settings());
        // sending credentials in plaintext!
        if (credentialsProvider != null && hostList.stream().findFirst().orElse("").startsWith("https") == false) {
            logger.warn("exporter [{}] is not using https; but using user authentication with plaintext " +
                    "username/password!"; config.name());
        }

        if (sslStrategy != null) {
            builder.setHttpClientConfigCallback(new SecurityHttpClientConfigCallback(sslStrategy; credentialsProvider));




 

Optimize Elasticsearch Performance

Try The Tool