Logs are filled every 4 minutes with below message on a test server and there is no help on this. I am fairly new to this and wouldn't have edited any files to a big extent. There is another thread on here (discuss.elastic.co) that is closed that got the same warn, but had no successful conclusion.
Creating processor [set_security_user] (tag [null]) on field [_security] but authentication is not currently enabled on this cluster - this processor is likely to fail at runtime if it is used
My recommendation is to enable security for you cluster. Security is a free feature. It is automatically enabled with v8.0 or higher. Or you can manually configured it for previous versions.
The documentation is largely not working for me as far as I can see:
run the elasticsearch-reset-password tool.
OK I can get a password, but what do I do then?
bin/elasticsearch-create-enrollment-token -s kibana --url "https://127.0.0.1:9200"
ERROR: [xpack.security.enrollment.enabled] must be set to `true` to create an enrollment token
Do I enter this in elasticsearch.yml
bin/elasticsearch-create-enrollment-token -s kibana --url "https://127.0.0.1:9200"
ERROR: Failed to determine the health of the cluster.
Do I try the other thing suggested on
bin/elasticsearch-create-enrollment-token -s node
Unable to create enrollment token for scope [node]
ERROR: Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration is not configured with a keystore
bin/elasticsearch-create-enrollment-token -s kibana
Unable to create enrollment token for scope [kibana]
then it claims somewhere I have a cert directory in /etc/elasticsearch
I don't have that directory.
Do I generate ca or http
and put it in /etc/elasticsearch/certs
nothing changes
besides that to get a working system now I have to set
xpack.security.enabled: false
xpack.security.enrollment.enabled: false
xpack.security.http.ssl.enabled: false
to get back to where I started.
I am on Ubuntu 20.04 LTS and I think I installed this via apt.
As I newbie, you give me some choices, I don't understand the difference.
Do you have some form of tldr like certbot?
These days there are 100s of programs, security updates, mails, tweets etc etc.
The whole attraction of a ready made system is to save time. Otherwise one can program it one self.
Most videos etc is for < 8.2 and one spends already a considerable amount of time chasing the changes. Security that is complicated to install is by default insecure.
I also checked out this thread
I assume you are using Elasticsearch 8.2+. When installing it on ubuntu with the pacakge manager, security is auto-configured at installation time (doc).
Since you had security disabled, I guess it's either because the installation was not a fresh install or you manually disabled security after installation.
Depending on how criticial the system is, you can either:
For 2, you'll have to let go the enrollment-token approach since it is designed to help auto-configuration while you are doing it manually. Please follow this page to enable basic security and followed by this one to enable TLS communication between ES and Kibana.
Using Elasticsearch 8.2.3 with Docker I get the same problem. I am stuck to this error :
ERROR: Unable to create an enrollment token. Elasticsearch node HTTP layer SSL configuration is not configured with a keystore
The documentation is not working for me as well and I find Elasticsearch 8. a lot more complex to configure than version 7.
To get the following error, I had to generate P12 keystore certificates. But that's an error as well...
ERROR: Unable to create an enrollment token for Kibana. Elasticsearch node HTTP layer SSL configuration Keystore doesn't contain any PrivateKey entries where the associated certificate is a CA certificate
Generally this is a test system.
Reinstalling everything seems to have worked.
In the beginning as a newbie, going off < 8.x installs manuals on the web, one has no clue that this exists at all.
It looks more like a bug : I use docker containers so the state is "reinitialized" at each run. This is a bug in the code, or a missing requirement in the documentation.
Well maybe I run into this again.
In the moment, I am trying the whole switch on switch off routine with some weird error in metric beat, before in logstash.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.