I have an elasticsearch 8.14 cluster running with 5 nodes with security enabled using own generated certificates. Everything is running fine but I now need to add 2 ingest only nodes. I am trying to create the enrollment token with:
/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node
But this is failing with:
ERROR: Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration Keystore doesn't contain any PrivateKey entries where the associated certificate is a CA certificate, with exit code 73
Any ideas ?