I have an elastic search server with security enabled. I have a Java application (a Restful service running inside Tomcat) which attempts to connect to the elastic search using the HTTP RestClient (So version differences between the elastic search server and the java application should not be an issue). Both instances are running in the same VPN on Azure. I have imported the elastic search server's certificates to the JDK keystore in the Java application instance, but connection to the elastic search server fails with the following exception:
java.net.ConnectException: Connection refused
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method) ~[?:1.8.0_362]
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:716) ~[?:1.8.0_362]
at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvent(DefaultConnectingIOReactor.java:171) ~[httpcore-nio-4.4.5.jar:4.4.5]
at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.processEvents(DefaultConnectingIOReactor.java:145) ~[httpcore-nio-4.4.5.jar:4.4.5]
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor.execute(AbstractMultiworkerIOReactor.java:348) ~[httpcore-nio-4.4.5.jar:4.4.5]
at org.apache.http.impl.nio.conn.PoolingNHttpClientConnectionManager.execute(PoolingNHttpClientConnectionManager.java:192) ~[httpasyncclient-4.1.2.jar:4.1.2]
at org.apache.http.impl.nio.client.CloseableHttpAsyncClientBase$1.run(CloseableHttpAsyncClientBase.java:64) ~[httpasyncclient-4.1.2.jar:4.1.2]
at java.lang.Thread.run(Thread.java:750) [?:1.8.0_362]
There is no network connectivity issue between the two instances. I have verified this by executing the following curl request on the same instance where the Java application is running:
sudo curl --cacert /path/to/my/http_ca.crt -u elastic https://x.x.x.x:9200
The same CA certificate is imported into the Java keystore also. I have a similar setup in my test environment and the Java application is able to connect to the test elastic search server instance. This indicates that the code doesn't have any issues. What else could be going wrong?
It is look like your es server don't listen on the port in your target instance Check your the elasticsearch config at your code carefully, like host, port, username etc.