I have been able to follow the documentation and generate my own certificates and used them in Elasticsearch for Transport and HTTP security. Elasticsearch is up and running. I have also been able to establish connection from Kibana to the manually configured secure Elasticsearch. However when I am trying to run
elasticsearch-create-enrollment-token -s kibana
I am getting:
ERROR: Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration Keystore doesn't contain any PrivateKey entries where the associated certificate is a CA certificate
The reason I wanted to configure the security and generate new certificates is because the default auto configuration stops working when elasticsearch is restarted a day later or so.
Any idea how I can sort out the error with the enrollment token
Hello. Would you be able to give details about how or why the default auto configuration stops working when elasticsearch is restarted a day later or so? Is it possible the hostname is changing? Thank you.
It was IP address changing issue. (if I stick with the auto configuration done by ES)
However I would still like to know why on configuring security manually (by following the TLS and HTTP security documentation) results in:
Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration Keystore doesn't contain any PrivateKey entries where the associated certificate is a CA certificate
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.