| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> |
| <!-- Generated by Apache Maven Doxia at 2021-11-12 --> |
| <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> |
| <head> |
| <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> |
| <title>Apache James Project – Apache James Server 3 - ElasticSearch Configuration</title> |
| <style type="text/css" media="all"> |
| @import url("../css/james.css"); |
| @import url("../css/maven-base.css"); |
| @import url("../css/maven-theme.css"); |
| @import url("../css/site.css"); |
| @import url("../js/jquery/css/custom-theme/jquery-ui-1.8.5.custom.css"); |
| @import url("../js/jquery/css/print.css"); |
| @import url("../js/fancybox/jquery.fancybox-1.3.4.css"); |
| </style> |
| <script type="text/javascript" src="../js/jquery/js/jquery-1.4.2.min.js"></script> |
| <script type="text/javascript" src="../js/jquery/js/jquery-ui-1.8.5.custom.min.js"></script> |
| <script type="text/javascript" src="../js/fancybox/jquery.fancybox-1.3.4.js"></script> |
| <link rel="stylesheet" href="../css/print.css" type="text/css" media="print" /> |
| <meta name="Date-Revision-yyyymmdd" content="20211112" /> |
| <meta http-equiv="Content-Language" content="en" /> |
| |
| <!-- Google Analytics --> |
| <script type="text/javascript"> |
| |
| var _gaq = _gaq || []; |
| _gaq.push(['_setAccount', 'UA-1384591-1']); |
| _gaq.push(['_trackPageview']); |
| |
| (function() { |
| var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; |
| ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; |
| var s = document.getElementsByTagName('script').item(0); s.parentNode.insertBefore(ga, s); |
| })(); |
| |
| </script> |
| </head> |
| <body class="composite"> |
| <div id="banner"> |
| <a href="../index.html" id="bannerLeft" title="james-logo.png"> |
| |
| |
| <img src="../images/logos/james-logo.png" alt="James Project" /> |
| </a> |
| <a href="https://www.apache.org/index.html" id="bannerRight"> |
| |
| |
| <img src="images/logos/asf_logo_small.png" alt="The Apache Software Foundation" /> |
| </a> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| <div id="breadcrumbs"> |
| |
| |
| <div class="xleft"> |
| <span id="publishDate">Last Published: 2021-11-12</span> |
| </div> |
| <div class="xright"> <a href="../index.html" title="Home">Home</a> |
| | |
| <a href="../documentation.html" title="James">James</a> |
| | |
| <a href="../mime4j/index.html" title="Mime4J">Mime4J</a> |
| | |
| <a href="../jsieve/index.html" title="jSieve">jSieve</a> |
| | |
| <a href="../jspf/index.html" title="jSPF">jSPF</a> |
| | |
| <a href="../jdkim/index.html" title="jDKIM">jDKIM</a> |
| |
| |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| <div id="leftColumn"> |
| <div id="navcolumn"> |
| |
| |
| <h5>James components</h5> |
| <ul> |
| <li class="collapsed"> |
| <a href="../documentation.html" title="About James">About James</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/index.html" title="Server">Server</a> |
| <ul> |
| <li class="none"> |
| <a href="../server/advantages.html" title="Advantages">Advantages</a> |
| </li> |
| <li class="none"> |
| <a href="../server/objectives.html" title="Objectives">Objectives</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/quick-start.html" title="User Manual">User Manual</a> |
| <ul> |
| <li class="collapsed"> |
| <a href="../server/features.html" title="1. Features">1. Features</a> |
| </li> |
| <li class="none"> |
| <a href="../server/packaging.html" title="2. Packaging">2. Packaging</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/install.html" title="3. Install James">3. Install James</a> |
| </li> |
| <li class="expanded"> |
| <a href="../server/config.html" title="4. Configure James">4. Configure James</a> |
| <ul> |
| <li class="none"> |
| <a href="../server/config-listeners.html" title="Additional mailbox listeners">Additional mailbox listeners</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-antispam.html" title="Anti Spam">Anti Spam</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-blob-export.html" title="Blob Export">Blob Export</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-blobstore.html" title="BlobStore">BlobStore</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-cassandra.html" title="Cassandra">Cassandra</a> |
| </li> |
| <li class="none"> |
| <strong>ElasticSearch</strong> |
| </li> |
| <li class="none"> |
| <a href="../server/config-vault.html" title="Deleted Messages Vault">Deleted Messages Vault</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-dnsservice.html" title="DNS Service">DNS Service</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-domainlist.html" title="Domain List">Domain List</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-fetchmail.html" title="FetchMail">FetchMail</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-guice.html" title="Guice">Guice</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-imap4.html" title="IMAP4">IMAP4</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-jmap.html" title="JMAP">JMAP</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailrepositorystore.html" title="Mail Repository Stores">Mail Repository Stores</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailbox.html" title="Mailbox">Mailbox</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-mailetcontainer.html" title="Mailet Container">Mailet Container</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-healthcheck.html" title="Periodical Health Checks">Periodical Health Checks</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-pop3.html" title="POP3">POP3</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-quota.html" title="Quota">Quota</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-rabbitmq.html" title="RabbitMQ">RabbitMQ</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-recipientrewritetable.html" title="Recipient Rewrite">Recipient Rewrite</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-smtp-lmtp.html" title="SMTP LMTP">SMTP LMTP</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-sieve.html" title="Sieve">Sieve</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-ssl-tls.html" title="SSL/TLS">SSL/TLS</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-system.html" title="System">System</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-spring-jpa-postgres.html" title="Spring JPA Postgres">Spring JPA Postgres</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-users.html" title="Users">Users</a> |
| </li> |
| <li class="none"> |
| <a href="../server/config-webadmin.html" title="WebAdmin">WebAdmin</a> |
| </li> |
| </ul> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/manage.html" title="5. Manage">5. Manage</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/monitor.html" title="6. Monitor">6. Monitor</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/upgrade.html" title="7. Upgrade">7. Upgrade</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../server/dev.html" title="8. Developers Corner">8. Developers Corner</a> |
| </li> |
| </ul> |
| </li> |
| <li class="none"> |
| <a href="../mail.html#James_Mailing_lists" title="Mailing Lists">Mailing Lists</a> |
| </li> |
| <li class="none"> |
| <a href="../server/release-notes.html" title="Release Notes">Release Notes</a> |
| </li> |
| <li class="none"> |
| <a href="../server/apidocs/index.html" title="Javadoc">Javadoc</a> |
| </li> |
| <li class="none"> |
| <a href="https://issues.apache.org/jira/browse/JAMES" title="Issue Tracker">Issue Tracker</a> |
| </li> |
| <li class="none"> |
| <a href="https://github.com/apache/james-project" title="Sources">Sources</a> |
| </li> |
| <li class="none"> |
| <a href="../server/rfcs.html" title="RFCs">RFCs</a> |
| </li> |
| <li class="none"> |
| <a href="../download.cgi#Apache_James_Server" title="Download releases">Download releases</a> |
| </li> |
| </ul> |
| </li> |
| <li class="collapsed"> |
| <a href="../mailet/index.html" title="Mailets">Mailets</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../mailbox/index.html" title="Mailbox">Mailbox</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../protocols/index.html" title="Protocols">Protocols</a> |
| </li> |
| <li class="collapsed"> |
| <a href="../mpt/index.html" title="MPT">MPT</a> |
| </li> |
| </ul> |
| <h5>Apache Software Foundation</h5> |
| <ul> |
| <li> |
| <strong> |
| <a title="ASF" href="http://www.apache.org/">ASF</a> |
| </strong> |
| </li> |
| <li> |
| <a title="Get Involved" href="http://www.apache.org/foundation/getinvolved.html">Get Involved</a> |
| </li> |
| <li> |
| <a title="FAQ" href="http://www.apache.org/foundation/faq.html">FAQ</a> |
| </li> |
| <li> |
| <a title="License" href="http://www.apache.org/licenses/" >License</a> |
| </li> |
| <li> |
| <a title="Sponsorship" href="http://www.apache.org/foundation/sponsorship.html">Sponsorship</a> |
| </li> |
| <li> |
| <a title="Thanks" href="http://www.apache.org/foundation/thanks.html">Thanks</a> |
| </li> |
| <li> |
| <a title="Security" href="http://www.apache.org/security/">Security</a> |
| </li> |
| </ul> |
| <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"> |
| <img class="poweredBy" alt="Built by Maven" src="../images/logos/maven-feather.png" /> |
| </a> |
| |
| |
| </div> |
| </div> |
| <div id="bodyColumn"> |
| <div id="contentBox"> |
| |
| |
| |
| |
| <section> |
| <h2><a name="ElasticSearch_Configuration"></a>ElasticSearch Configuration</h2> |
| |
| This configuration applies only to Guice wiring. |
| |
| |
| <p>Consult <a class="externalLink" href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/elasticsearch.properties">elasticsearch.properties</a> to get some examples and hints.</p> |
| |
| Connection to a cluster : |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.masterHost</b></dt> |
| |
| <dd>Is the IP (or host) of the ElasticSearch master</dd> |
| |
| <dt><b>elasticsearch.port</b></dt> |
| |
| <dd>Is the port of ElasticSearch master</dd> |
| |
| |
| <dt><b>elasticsearch.hostScheme</b></dt> |
| |
| <dd> |
| Optional. Only http or https are accepted, default is http. In case of <b>https</b>, |
| and you want to override the default SSL Validation behavior of the client, |
| consult the section <b>SSL Trusting Configuration</b> for more details. |
| </dd> |
| |
| |
| <dt><b>elasticsearch.user</b></dt> |
| |
| <dd> |
| Optional. |
| Basic auth username to access elasticsearch. |
| Ignore elasticsearch.user and elasticsearch.password to not be using authentication (default behaviour). |
| Otherwise, you need to specify both properties. |
| </dd> |
| |
| |
| <dt><b>elasticsearch.password</b></dt> |
| |
| <dd> |
| Optional. |
| Basic auth password to access elasticsearch. |
| Ignore elasticsearch.user and elasticsearch.password to not be using authentication (default behaviour). |
| Otherwise, you need to specify both properties. |
| </dd> |
| </dl> |
| |
| Or you can connect a cluster by : |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.hosts</b></dt> |
| |
| <dd>List of comma separated hosts. An host is composed of an address and a port separated by a ':'. Example : elasticsearch.hosts=host1:9200,host2:9200</dd> |
| </dl> |
| |
| Other options includes : |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.clusterName</b></dt> |
| |
| <dd>Is the name of the cluster used by James.</dd> |
| |
| <dt><b>elasticsearch.nb.shards</b></dt> |
| |
| <dd>Number of shards for index provisionned by James</dd> |
| |
| <dt><b>elasticsearch.nb.replica</b></dt> |
| |
| <dd>Number of replica for index provisionned by James (default: 0)</dd> |
| |
| <dt><b>elasticsearch.index.waitForActiveShards (default: 1)</b></dt> |
| |
| <dd>Wait for a certain number of active shard copies before proceeding with the operation.</dd> |
| |
| <dd>You may consult the <a class="externalLink" href="https://www.elastic.co/guide/en/elasticsearch/reference/7.10/docs-index_.html#active-shards">documentation</a> for more information.</dd> |
| |
| <dt><b>elasticsearch.index.mailbox.name</b></dt> |
| |
| <dd>Name of the mailbox index backed by the alias. It will be created if missing.</dd> |
| |
| <dt><b>elasticsearch.index.name</b></dt> |
| |
| <dd><b>Deprecated</b> Use <b>elasticsearch.index.mailbox.name</b> instead. <br /> |
| Name of the mailbox index backed by the alias. It will be created if missing.</dd> |
| |
| <dt><b>elasticsearch.alias.read.mailbox.name</b></dt> |
| |
| <dd>Name of the alias to use by Apache James for mailbox reads. It will be created if missing. |
| The target of the alias is the index name configured above.</dd> |
| |
| <dt><b>elasticsearch.alias.read.name</b></dt> |
| |
| <dd><b>Deprecated</b> Use <b>elasticsearch.alias.read.mailbox.name</b> instead. <br /> |
| Name of the alias to use by Apache James for mailbox reads. It will be created if missing. |
| The target of the alias is the index name configured above.</dd> |
| |
| <dt><b>elasticsearch.alias.write.mailbox.name</b></dt> |
| |
| <dd>Name of the alias to use by Apache James for mailbox writes. It will be created if missing. |
| The target of the alias is the index name configured above.</dd> |
| |
| <dt><b>elasticsearch.alias.write.name</b></dt> |
| |
| <dd><b>Deprecated</b> Use <b>elasticsearch.alias.write.mailbox.name</b> instead. <br /> |
| Name of the alias to use by Apache James for mailbox writes. It will be created if missing. |
| The target of the alias is the index name configured above.</dd> |
| |
| <dt><b>elasticsearch.retryConnection.maxRetries</b></dt> |
| |
| <dd>Number of retries when connecting the cluster</dd> |
| |
| <dt><b>elasticsearch.retryConnection.minDelay</b></dt> |
| |
| <dd>Minimum delay between connection attempts</dd> |
| |
| <dt><b>elasticsearch.indexAttachments</b></dt> |
| |
| <dd>Indicates if you wish to index attachments or not (default: true).</dd> |
| |
| <dt><b>elasticsearch.index.quota.ratio.name</b></dt> |
| |
| <dd>Specify the ElasticSearch alias name used for quotas</dd> |
| |
| <dt><b>elasticsearch.alias.read.quota.ratio.name</b></dt> |
| |
| <dd>Specify the ElasticSearch alias name used for reading quotas</dd> |
| |
| <dt><b>elasticsearch.alias.write.quota.ratio.name</b></dt> |
| |
| <dd>Specify the ElasticSearch alias name used for writing quotas</dd> |
| </dl> |
| |
| |
| <p> |
| ElasticSearch component can be disabled but consider it would make search feature to not work. In particular it will break JMAP protocol and SEARCH IMAP comment in an nondeterministic way. |
| This is controlled in the search.properties file via the implementation property (defaults |
| to ElasticSearch). Setting this configuration parameter to scanning will effectively disable ElasticSearch, no |
| further indexation will be done however searches will rely on the scrolling search, leading to expensive and longer |
| searches. Disabling ElasticSearch requires no extra action, however |
| <a class="externalLink" href="https://github.com/apache/james-project/blob/master/src/site/markdown/server/manage-webadmin.md#reindexing-all-mails"> |
| a full re-indexing</a> needs to be carried out when enabling ElasticSearch. |
| </p> |
| |
| For configuring the metric reporting on ElasticSearch : |
| |
| |
| <p> |
| In server version 3.6.0 james moved from Elasticsearch 6 to 7 and the metric reporting on Elasticsearch is deprecated. |
| You can still use metric reporting on Elasticsearch but that requires you to run a separate Elasticsearch 6 instance and use that in your Elasticsearch metric reporting configuration. |
| </p> |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.http.host</b></dt> |
| |
| <dd>Host to report metrics on. Defaults to master host. Compatible with 6.x hosts</dd> |
| |
| |
| <dt><b>elasticsearch.http.port</b></dt> |
| |
| <dd>Http port to use for publishing metrics</dd> |
| |
| |
| <dt><b>elasticsearch.metrics.reports.enabled</b></dt> |
| |
| <dd>Boolean value. Enables metrics reporting.</dd> |
| |
| |
| <dt><b>elasticsearch.metrics.reports.period</b></dt> |
| |
| <dd>Seconds between metric reports</dd> |
| |
| |
| <dt><b>elasticsearch.metrics.reports.index</b></dt> |
| |
| <dd>Index to publish metrics on</dd> |
| </dl> |
| |
| |
| <p>If you want more explanation about ElasticSearch configuration, you should visit the dedicated <a class="externalLink" href="https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html">documentation</a>.</p> |
| |
| </section> |
| |
| <section> |
| <h2><a name="Tika_Configuration"></a>Tika Configuration</h2> |
| |
| |
| <p>When using ElasticSearch, you can configure an external Tika server for extracting and indexing text from attachments. |
| Thus you can significantly improve user experience upon text searches.</p> |
| |
| |
| <p>Note that to use this feature you need Guice, built with ElasticSearch</p> |
| |
| |
| <p>Consult <a class="externalLink" href="https://github.com/apache/james-project/blob/master/server/apps/distributed-app/sample-configuration/tika.properties">tika.properties</a> to get some examples and hints.</p> |
| |
| Here are the different properties: |
| |
| |
| <dl> |
| |
| <dt><b>tika.enabled</b></dt> |
| |
| <dd>Should Tika text extractor be used? <br /> |
| If true, the TikaTextExtractor will be used behind a cache. <br /> |
| If false, the DefaultTextExtractor will be used (naive implementation only supporting text).<br /> |
| Defaults to false.</dd> |
| |
| |
| <dt><b>tika.host</b></dt> |
| |
| <dd>IP or domain name of your Tika server. The default value is 127.0.0.1</dd> |
| |
| |
| <dt><b>tika.port</b></dt> |
| |
| <dd>Port of your tika server. The default value is 9998</dd> |
| |
| |
| <dt><b>tika.timeoutInMillis</b></dt> |
| |
| <dd>Timeout when issuing request to the tika server. The default value is 3 seconds.</dd> |
| |
| |
| <dt><b>tika.cache.eviction.period</b></dt> |
| |
| <dd>A cache is used to avoid, when possible, query Tika multiple time for the same attachments. <br /> |
| This entry determines how long after the last read an entry vanishes.<br /> |
| Please note that units are supported (ms - millisecond, s - second, m - minute, h - hour, d - day). Default unit is seconds. <br /> |
| Default value is <b>1 day</b></dd> |
| |
| |
| <dt><b>tika.cache.enabled</b></dt> |
| |
| <dd>Should the cache be used? False by default</dd> |
| |
| |
| <dt><b>tika.cache.weight.max</b></dt> |
| |
| <dd>Maximum weight of the cache.<br /> |
| A value of <b>0</b> disables the cache<br /> |
| Please note that units are supported (K for KB, M for MB, G for GB). Defaults is no units, so in bytes.<br /> |
| Default value is <b>100 MB</b>.</dd> |
| |
| |
| <dt><b>tika.contentType.blacklist</b></dt> |
| |
| <dd>Blacklist of content type is known-to-be-failing with Tika. Specify the list with comma separator.</dd> |
| </dl> |
| |
| Note: You can launch a tika server using this command line: |
| |
| |
| <div> |
| <pre>docker run --name tika linagora/docker-tikaserver:1.24</pre></div> |
| |
| </section> |
| |
| <section> |
| <h2><a name="SSL_Trusting_Configuration"></a>SSL Trusting Configuration</h2> |
| |
| |
| <p> |
| By default James will use the system TrustStore to validate https server certificates, if the certificate on |
| ES side is already in the system TrustStore, you can leave the sslValidationStrategy property empty or set it to default. |
| </p> |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.hostScheme.https.sslValidationStrategy</b></dt> |
| |
| <dd> |
| Optional. Accept only <b>default</b>, <b>ignore</b>, <b>override</b>. Default is <b>default</b> |
| </dd> |
| |
| <dd> |
| default: Use the default SSL TrustStore of the system. |
| ignore: Ignore SSL Validation check (not recommended). |
| override: Override the SSL Context to use a custom TrustStore containing ES server's certificate. |
| </dd> |
| </dl> |
| |
| |
| <p> |
| In some cases, you want to secure the connection from clients to ES by setting up a <b>https</b> protocol |
| with a self signed certificate. And you prefer to left the system ca-certificates un touch. |
| There are possible solutions to let the ES RestHighLevelClient to trust your self signed certificate. |
| </p> |
| |
| <p> |
| First solution: ignoring SSL check. |
| In case you want to ignore the SSL check, simply, just don't specify below options. Otherwise, configuring the trust |
| requires some prerequisites and they are explained in below block. |
| </p> |
| |
| <p> |
| Second solution: importing a TrustStore containing the certificate into SSL context. |
| A certificate normally contains two parts: a public part in .crt file, another private part in .key file. |
| To trust the server, the client needs to be acknowledged that the server's certificate is in the list of |
| client's TrustStore. Basically, you can create a local TrustStore file containing the public part of a remote server |
| by execute this command: |
| </p> |
| |
| |
| <div> |
| <pre> |
| keytool -import -v -trustcacerts -file certificatePublicFile.crt -keystore trustStoreFileName.jks -keypass fillThePassword -storepass fillThePassword |
| </pre></div> |
| |
| |
| <p> |
| When there is a TrustStore file and the password to read, fill two options <b>trustStorePath</b> |
| and <b>trustStorePassword</b> with the TrustStore location and the password. ES client will accept |
| the certificate of ES service. |
| </p> |
| |
| |
| <dl> |
| |
| <dt><b>elasticsearch.hostScheme.https.trustStorePath</b></dt> |
| |
| <dd> |
| Optional. Use it when https is configured in elasticsearch.hostScheme, and sslValidationStrategy is <b>override</b> |
| Configure Elasticsearch rest client to use this trustStore file to recognize nginx's ssl certificate. |
| Once you chose <b>override</b>, you need to specify both trustStorePath and trustStorePassword. |
| </dd> |
| |
| |
| <dt><b>elasticsearch.hostScheme.https.trustStorePassword</b></dt> |
| |
| <dd> |
| Optional. Use it when https is configured in elasticsearch.hostScheme, and sslValidationStrategy is <b>override</b> |
| Configure Elasticsearch rest client to use this trustStore file with the specified password. |
| Once you chose <b>override</b>, you need to specify both trustStorePath and trustStorePassword. |
| </dd> |
| </dl> |
| |
| |
| <p> |
| During SSL handshaking, the client can determine whether accept or reject connecting to a remote server by its hostname. |
| You can configure to use which HostNameVerifier in the client. |
| </p> |
| |
| <dl> |
| |
| <dt><b>elasticsearch.hostScheme.https.hostNameVerifier</b></dt> |
| |
| <dd> |
| Optional. Default is <b>default</b>. |
| </dd> |
| |
| <dd> |
| default: using the default hostname verifier provided by apache http client. |
| accept_any_hostname: accept any host (not recommended). |
| </dd> |
| </dl> |
| </section> |
| |
| |
| |
| </div> |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| <div id="footer"> |
| <div class="xright">Copyright © 2006-2021 |
| <a href="https://www.apache.org/">The Apache Software Foundation</a>. |
| All Rights Reserved. |
| |
| </div> |
| <div class="clear"> |
| <hr/> |
| </div> |
| </div> |
| </body> |
| </html> |