Connect Enterprise Search to elasticsearch via SSL

rabi82 · April 28, 2021, 6:02am

Hi,
i have the Elasticsearch up and running with SSL
the command curl --insecure -X GET 'https://localhost:9200?pretty' works perfectly
now after installing the Enterprise Search, the yml looks like below ::

elasticsearch.host: https://localhost:9200

allow_es_settings_modification: true

secret_management.encryption_keys: [z%C*F-Ja]

ent_search.ssl.enabled: true
ent_search.ssl.keystore.path: "/keys/keystore.jks"
ent_search.ssl.keystore.password: "changeme"
ent_search.ssl.keystore.key_password: "changeme"
ent_search.external_url: https://localhost:3002

but the connection failed
any idea ?

legoguy1000 · April 28, 2021, 11:23pm

Are you using self signed certs? If so the. The enterprise search server probably isn't set up to trust the elasticsearch server certificate.

rabi82 · April 29, 2021, 12:51am

hi Alex
the request curl --insecure -X GET 'https://localhost:9200?pretty' works fine
so I assume the SSL configuration is ok in the elasticsearch

the lasticsearch.yml looks like below ::
network.host: 0.0.0.0
cluster.initial_master_nodes: ["node-1"]

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: none
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: certs/elastic-certificates.p12

xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: certs/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: certs/elastic-certificates.p12
xpack.security.http.ssl.client_authentication: none

http.host: 0.0.0.0
http.cors.enabled : true
http.cors.allow-origin : "*"
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : X-Requested-With,X-Auth-Token,Content-Type, Content-Length

xpack.security.authc.api_key.enabled: true
xpack.security.authc:
anonymous:
roles: superuser
authz_exception: true

I am new to SSL and how it should work, so maybe I am missing something
please help

legoguy1000 · April 29, 2021, 1:08am

I wasn't saying that the SSL wasn't setup properly in elasticsearch, but SSL is based off of trust. I trust the issuer so I trust you. If the enterprise search server isn't set to trust the certificates that are on the elasticsearch server then the requests will fail. The reason the curl commands are working is because you're using the --insecure, try without and you'll see the error I'm referring to.

system · May 27, 2021, 1:09am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.