Connect Enterprise Search to elasticsearch via SSL

i have the elastic search up and running with SSL
the command curl --insecure -X GET 'https://localhost:9200?pretty' works perfectly
now after installing the Enterprise Search, the yml looks like below :: https://localhost:9200

allow_es_settings_modification: true

secret_management.encryption_keys: [z%C*F-Ja]

ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/keys/keystore.jks"
ent_search.ssl.keystore.password: "changeme"
ent_search.ssl.keystore.key_password: "changeme"
ent_search.external_url: https://localhost:3002

but the connection failed
any idea ?

Are you using self signed certs? If so the. The enterprise search server probably isn't set up to trust the elasticsearch server certificate.

hi Alex
the request curl --insecure -X GET 'https://localhost:9200?pretty' works fine
so I assume the SSL configuration is ok in the elasticsearch

the lasticsearch.yml looks like below ::
cluster.initial_master_nodes: ["node-1"] true true none certs/elastic-certificates.p12 certs/elastic-certificates.p12 true certs/elastic-certificates.p12 certs/elastic-certificates.p12 none
http.cors.enabled : true
http.cors.allow-origin : "*"
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type, Content-Length true
roles: superuser
authz_exception: true

I am new to SSL and how it should work, so maybe I am missing something
please help

I wasn't saying that the SSL wasn't setup properly in elasticsearch, but SSL is based off of trust. I trust the issuer so I trust you. If the enterprise search server isn't set to trust the certificates that are on the elasticsearch server then the requests will fail. The reason the curl commands are working is because you're using the --insecure, try without and you'll see the error I'm referring to.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.