Config https for Elasticsearch 5.6


(Derrick) #1

Hi,

we are upgrading our ES from 2 to 5.6, but cannot make https works, could someone can provide the config?

this is what we have in elasticsearcy.yml.

--------------------------------- XPack Config ------------------------------

action.auto_create_index: .security,.monitoring*,.watches,.triggered_watches,.watcher-history*

xpack.security.enabled: true

xpack.ssl.keystore.path: /usr/share/elasticsearch/config/keystore.jks
xpack.ssl.keystore.password: password
xpack.ssl.keystore.key_password: password

xpack.ssl.truststore.path: /usr/share/elasticsearch/config/truststore.jks
xpack.ssl.truststore.password: changeit

xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true

xpack.ssl.verification_mode: none
xpack.ssl.client_authentication: none

xpack.security.authc.realms:
realm1:
type: native
order: 3

realm2:
    type: file
    order: 1

realm3:
    type: ldap
    order: 2
    url: "ldap://ldap.service.consul"
    user_dn_templates:
        - "uid={0}, ou=ISS-FRNT OFFCE DEV-CLIENT SUPPORT CENTRE,o=Scotia Capital Markets,c=CA"
    #files:
    #  role_mapping: "/usr/share/elasticsearch/config/shield/ldap_role_mapping.yml"
    unmapped_groups_as_roles: false

(David Pilato) #2

I moved this to #x-pack


(Derrick) #3

now I am getting this error, please help, thanks

[2017-12-14T15:27:31,252][WARN ][o.e.b.ElasticsearchUncaughtExceptionHandler] [pxv-data1.dev.lbb4sd.333az.net] uncaught exception in thread [main]
org.elasticsearch.bootstrap.StartupException: ElasticsearchException[Failed to load plugin class [org.elasticsearch.xpack.XPackPlugin]]; nested: InvocationTargetException; nested: IllegalArgumentException[the [action.auto_create_index] setting value [.security,.monitoring*,.watches,.triggered_watches,.watcher-history*] is too restrictive. disable [action.auto_create_index] or set it to [.security,.security-6]];
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) ~[elasticsearch-5.6.4.jar:5.6.4]


(David Pilato) #4

May be do what is written in the logs?

disable [action.auto_create_index] or set it to [.security,.security-6]


(Derrick) #5

it doesn't work either.


(David Pilato) #6

Exact same logs now?


(Derrick) #7

Yes, same issue


(David Pilato) #8

Can you share your config file, your logs?

Did you restart the nodes?


(Derrick) #9

I share it in this thread, Failed to load xpackplugin, please help, urgent

Also es is being run in docker, so I restart docker.


(system) #10

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.