Briefly, this error occurs when Elasticsearch Exporter is configured to use user authentication but is not using HTTPS, exposing sensitive data in plaintext. To resolve this, you should enable HTTPS on your Elasticsearch cluster. This involves generating or obtaining an SSL certificate and configuring Elasticsearch to use this certificate for HTTP connections. Additionally, ensure that your Elasticsearch Exporter is configured to connect using HTTPS. This will encrypt the communication between Elasticsearch and the Exporter, protecting your user authentication data.
This guide will help you check for common problems that cause the log ” exporter [{}] is not using https; but using user authentication with plaintext ” to appear. To understand the issues related to this log, read the explanation below about the following Elasticsearch concepts: plugin.
Log Context
Log “exporter [{}] is not using https; but using user authentication with plaintext ” classname is HttpExporter.java.
We extracted the following from Elasticsearch source code for those seeking an in-depth context :
final SSLIOSessionStrategy sslStrategy = configureSslStrategy(sslSettings; concreteSetting; sslService);
final CredentialsProvider credentialsProvider = createCredentialsProvider(config);
List hostList = HOST_SETTING.getConcreteSettingForNamespace(config.name()).get(config.settings());
// sending credentials in plaintext!
if (credentialsProvider != null && hostList.stream().findFirst().orElse("").startsWith("https") == false) {
logger.warn("exporter [{}] is not using https; but using user authentication with plaintext " +
"username/password!"; config.name());
}
if (sslStrategy != null) {
builder.setHttpClientConfigCallback(new SecurityHttpClientConfigCallback(sslStrategy; credentialsProvider));
[ratemypost]
