Hello,
I have an issues while enabling security for ES. I have installed and configured several ES VMs. They already working as expected and connected to one ES cluster. After that, I decided to try to install and setup Kibana. There are also no any issues with Kibana installation. But, problems were started when I tried to setup authentication for Kibana...
As I read here: Configure security in Kibana | Kibana Guide [8.11] | Elastic - I need to Configuring security in Elasticsearch:
Configuring security in Elasticsearch | Elasticsearch Guide [7.5] | Elastic
So, point to point, from last link:
1. Verify that you are using a license that includes ...
As I understand - basic xpack security is free, so I can try to use it
2 Verify that the xpack.security.enabled
...
Yes, enabled
3 If you plan to run Elasticsearch in a Federal Infox...
Skipped, no any plans
4 Configure Transport Layer Security ....
Yes, generated and prepared certificates
So... I just updated my ES config with these lines:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /.../certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /.../certs/elastic-certificates.p12
5 Restarting ES. ES was restarted successfully, and I started to get a message like:
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
}
],
"type" : "security_exception",
"reason" : "missing authentication credentials for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : "Basic realm=\"security\" charset=\"UTF-8\""
}
},
"status" : 401
}
for any kind of request.
Ok, going to point 6 Set the passwords for all built-in users., I need to setup passwords for users with bin/elasticsearch-setup-passwords ...
. But... I got error:
Failed to determine the health of the cluster running at http://XXX:9200
Unexpected response code [503] from calling GET http://XXX:9200/_cluster/health?pretty
Cause: master_not_discovered_exceptionIt is recommended that you resolve the issues with your cluster before running elasticsearch-setup-passwords.
It is very likely that the password changes will fail when run against an unhealthy cluster.Do you want to continue with the password setup process [y/N]
So... I cant setup password, because I can not authentikate to my ES node... I tried to set
xpack.security.enabled: false and run again ``bin/elasticsearch-setup-passwords ...
but got error - I need to enable xpack security to setup password...
So, could anybody please advice me - what is wrong from my side? How I can setup password for system users?