I have successfully configured minimal security in my environment and am now moving on to Basic, so that I can use fleet and SIEM. Version of Elastic I am using is 7.13.4, on a RHEL 8.0 server. I only have 1 Elasticsearch server and am wondering if I need to create a CA or can I by-pass this step in configuring the Basic security?
Continuation on the Basic security configuration. I have gone through all the steps detailed in the following article: Basic Security Configuration
I checked and double checked my code as I entered it in the command line to ensure that no spelling errors or items were missed. Now When I start the Elasticsearch service I am unable to if the keystore and truststore paths are not rem'd out in the Elasticsearch.yml file.
If you'd like help then you're going to need to provide the details of the errors from your logs.
Otherwise we're only going to be guessing at what went wrong.
Thank you Tim. When I start the service after enabling the keystore and truststore paths in the Elasticsearch,yml file and then check the Elasticsearch.log file I see alot of informational lines and nothing that is an error. Here are some of the lines that I find interesting.
Well I feel that we have an error or problem because I cannot start the Elasticsearch service when I have the xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 and/or xpack.security.transport.ssl.truststore.path: elastic-certificates.p12 enabled in my Elasticsearch.yml file,
Am I mistaken? When I look at the /var/log/Elasticsearch/Elasticsearch.log file it shows that the Basic Security it enabled.
If there's nothing in the logs that says there is a problem, how did you determine that you can't start the Elasticsearch service? Do you get an error somewhere? What does that error say?
If you're looking for help, then exact details matter.
To answer your question Tim. I wasn't able to find any errors, all I knew is that when i enabled the Keystore and Truststore certificates and the attempted to start the Elasticsearch service it would time out and not start.
I have since kept those two lines disabled in the yml file and carried on with my installation. Everything seems to be working fine at the moment.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.