2121import org .springframework .beans .factory .annotation .Value ;
2222import org .springframework .stereotype .Component ;
2323
24+ import com .floragunn .searchguard .ssl .SearchGuardSSLPlugin ;
25+ import com .floragunn .searchguard .ssl .util .SSLConfigConstants ;
26+
2427/**
2528 * Prepare the node to work with elastic search.
2629 *
@@ -39,15 +42,31 @@ public class ElasticSearchClient {
3942 private String clusterName ;
4043 private boolean resetData = false ;
4144 private Client client ;
45+ private boolean transportSSL = false ;
46+ private String keystore = null ;
47+ private String truststore = null ;
48+ private String keystorePassword = null ;
49+ private String truststorePassword = null ;
4250
4351 @ PostConstruct
4452 public void initialize () {
4553 if (this .isClient && this .isTransportClient ) {
4654 // when these both option are set, we use a transport client
47- Settings settings = Settings .settingsBuilder ()
48- .put ("cluster.name" , this .clusterName )
49- .build ();
50- TransportClient transportClient = TransportClient .builder ().settings (settings ).build ();
55+ Settings .Builder settingsBuilder = Settings .settingsBuilder ()
56+ .put ("cluster.name" , this .clusterName );
57+ if (transportSSL ) {
58+ settingsBuilder = settingsBuilder
59+ .put (SSLConfigConstants .SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_FILEPATH , this .keystore )
60+ .put (SSLConfigConstants .SEARCHGUARD_SSL_TRANSPORT_TRUSTSTORE_FILEPATH , this .truststore )
61+ .put (SSLConfigConstants .SEARCHGUARD_SSL_TRANSPORT_KEYSTORE_PASSWORD , this .keystorePassword )
62+ .put (SSLConfigConstants .SEARCHGUARD_SSL_TRANSPORT_TRUSTSTORE_PASSWORD , this .truststorePassword );
63+ }
64+ Settings settings = settingsBuilder .build ();
65+ TransportClient .Builder transportClientBuilder = TransportClient .builder ().settings (settings );
66+ if (transportSSL ) {
67+ transportClientBuilder = transportClientBuilder .addPlugin (SearchGuardSSLPlugin .class );
68+ }
69+ TransportClient transportClient = transportClientBuilder .build ();
5170 for (InetSocketTransportAddress add : adresses ) {
5271 transportClient .addTransportAddress (add );
5372 }
@@ -137,4 +156,32 @@ public void setHosts(final String hosts) {
137156 public void setResetData (final boolean resetData ) {
138157 this .resetData = resetData ;
139158 }
159+
160+ @ Value ("#{elasticsearchConfig['searchguard.ssl.transport.enabled']}" )
161+ public void setTransportSSL (Boolean transportSSL ) {
162+ if (transportSSL != null ) {
163+ this .transportSSL = transportSSL .booleanValue ();
164+ }
165+ }
166+
167+ @ Value ("#{elasticsearchConfig['searchguard.ssl.transport.keystore_filepath']}" )
168+ public void setKeystore (final String keystore ) {
169+ this .keystore = keystore ;
170+ }
171+
172+ @ Value ("#{elasticsearchConfig['searchguard.ssl.transport.truststore_filepath']}" )
173+ public void setTruststore (final String truststore ) {
174+ this .truststore = truststore ;
175+ }
176+
177+ @ Value ("#{elasticsearchConfig['searchguard.ssl.transport.keystore_password']}" )
178+ public void setKeystorePassword (final String password ) {
179+ this .keystorePassword = password ;
180+ }
181+
182+ @ Value ("#{elasticsearchConfig['searchguard.ssl.transport.truststore_password']}" )
183+ public void setTruststorePassword (final String password ) {
184+ this .truststorePassword = password ;
185+ }
186+
140187}
0 commit comments