Hello,
I'm having issues setting up security for a fresh install of ES.
The issue is after enabling xpack.security on the elasticsearch.yml and starting the ES service, then executing for example:
" curl --insecure -X GET http://suelastic501.ritta.local:9200/_cluster/health?pretty"
Which return the following errors:
* "error" : {*
* "root_cause" : [*
* {*
* "type" : "security_exception",*
* "reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",*
* "header" : {*
* "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""*
* }*
* }*
* ],*
* "type" : "security_exception",*
* "reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",*
* "header" : {*
* "WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""*
* }*
* },*
* "status" : 401*
*}*
Scenario:
2 VMs running ES service - RHEL 8
1 VM with Kibana - RHEL 8
I following the steps described in : https://www.elastic.co/blog/getting-started-with-elasticsearch-security
I can't execute the " Step 2: Elasticsearch cluster passwords" from the previously " from the previously link.
Information from my setup:
1. Running ES with Basic support - installed following the link : https://www.elastic.co/guide/en/elasticsearch/reference/current/rpm.html
2. My config/elasticsearch.yaml has the following data:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
3. Already generated and prepared certificates
4. When executing "/usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto" , i'm getting the following error.
*Failed to determine the health of the cluster running at http://10.191.37.94:9200*
*Unexpected response code [503] from calling GET http://10.191.37.94:9200/_cluster/health?pretty*
*Cause: master_not_discovered_exception*
*It is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.*
*It is very likely that the password changes will fail when run against an unhealthy cluster.*
*Do you want to continue with the password setup process [y/N]*
Anyone got any ideas how to solve this issue ?
Thanks a lot,