Hi! I'm new here, so I apologize in advance for possibly inquiring about something that may seem obvious.
Elasticsearch version : 6.1
X-Pack version: 6.1
I've been struggling since yesterday to get secured https setup.
I followed the step by step instructions on configuring ssl certificates from letsencrypt in the ES environment: https://www.elastic.co/blog/x-pack-security-for-elasticsearch-with-lets-encrypt-certificates
the resulting content of elasticsearch.yml:
network.host: www.referr.com
xpack.ssl.key: /etc/elasticsearch/ssl/www.referr.com/privkey.pem
xpack.ssl.certificate: /etc/elasticsearch/ssl/www.referr.com/fullchain.pem
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.http.ssl.enabled: true
(and yes, the paths above do lead to files that are exact copies of the cert files issued by letsencrypt (/etc/letsencrypt/archive/www.referr.com/) )
Elasticsearch status is : running
Problem is: elasticsearch is not listening => ( If I run netstat -an | find ":9200", I get nothing)
If I go to https//www.referr.com:9200 with a browser, it throws a security error.
Is there anything in the configs that I've done wrong ?
(note: I had also setup a X.509 certificate by following all the steps at https://www.elastic.co/guide/en/elasticsearch/reference/6.1/configuring-tls.html#node-certificates , but that did not successfully allow client-side https requests. (I suppose since the resulting 'P12' certificate is self-signed).
If anyone has some insight, it'd be much appreciated (my site is presently online and broken... with many daily users ...ouch).
Thanks!