polkitd[567]: Unregistered Authentication Agent for unix-processl log :
from elasticcluster log :
Caused by: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f5f636c75737465722f73746174653f70726574747920485454502f312e310d0a557365722d4167656e743a206375726c2f372e32392e300d0a486f73743a2031302e3132392e3139352e3134393a393230300d0a4163636570743a202a
You need to give us more details. What doesn't work as expected ?
below are the entries from elasticsearch.yml file using
You have also enabled the PKI realm for authentication. This means that every request to Elasticsearch on the http layer needs to be over TLS with client authentication. Is that what you want to achieve? Our PKI realm docs are here : PKI user authentication | Elastic Stack Overview [7.4] | Elastic
from elasticcluster log :
Caused by: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f5f636c75737465722f73746174653f70726574747920485454502f312e310d0a557365722d4167656e743a206375726c2f372e32392e300d0a486f73743a2031302e3132392e3139352e3134393a393230300d0a4163636570743a202a
This is not the cause of the problem. What you are seeing there is Elasticsearch logging that while it is configured to only accept connections on the http layer over TLS ( you have configured it as such with xpack.security.http.ssl.enabled: true ), it received a connection over plain http. In fact that long HEX string decodes to :
GET /_cluster/state?pretty HTTP/1.1
User-Agent: curl/7.29.0
Host: 10.129.195.149:9200
Accept: *
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.