Hello. What i have is elastic running in a host windows server and i want to install hive from a WSL ubuntu which will be hosted in the windows server. My elastic config file only accepts https connections. SO i have setup the hive application.conf file like this
# TheHive configuration - application.conf
#
#
# This is the default configuration file.
# This is prepared to run with all services locally:
# - Cassandra for the database
# - Elasticsearch for index engine
# - File storage is local in /opt/thp/thehive/files
#
# If this is not your setup, please refer to the documentation at:
# https://docs.strangebee.com/thehive/
#
#
# Secret key - used by Play Framework
# If TheHive is installed with DEB/RPM package, this is automatically generated
# If TheHive is not installed from DEB or RPM packages run the following
# command before starting thehive:
# cat > /etc/thehive/secret.conf << _EOF_
# play.http.secret.key="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 |# head -n 1)"
# _EOF_
include "/etc/thehive/secret.conf"
# Database and index configuration
# By default, TheHive is configured to connect to local Cassandra 4.x and a
# local Elasticsearch services without authentication.
db.janusgraph {
storage {
backend = cql
hostname = ["127.0.0.1"]
# Cassandra authentication (if configured)
# username = "thehive"
# password = "password"
cql {
cluster-name = thp
keyspace = thehive
}
}
index.search {
backend = elasticsearch
hostname = ["192.168.0.230:9200"]
index-name = thehive
username = "user"
password = "password"
scheme = "https"
trustStore {
path = "/usr/lib/jvm/java-11-amazon-corretto/lib/security/cacerts"
type = "JKS"
password = "password"
}
}
}
# Attachment storage configuration
# By default, TheHive is configured to store files locally in the folder.
# The path can be updated and should belong to the user/group running thehive service. (by default: thehive:thehive)
storage {
provider = localfs
localfs.location = /opt/thp/thehive/files
}
# Define the maximum size for an attachment accepted by TheHive
play.http.parser.maxDiskBuffer = 1GB
# Define maximum size of http request (except attachment)
play.http.parser.maxMemoryBuffer = 10M
# Service configuration
application.baseUrl = "http://localhost:9000"
play.http.context = "/"
# Additional modules
#
# TheHive is strongly integrated with Cortex and MISP.
# Both modules are enabled by default. If not used, each one can be disabled by
# commenting the configuration line.
scalligraph.modules += org.thp.thehive.connector.cortex.CortexModule
scalligraph.modules += org.thp.thehive.connector.misp.MispModule
however elastic log gives me this
[2024-02-03T14:07:19,275][WARN ][o.e.h.n.Netty4HttpServerTransport] [WIN-84I4PL7AU5G] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/192.168.0.230:9200, remoteAddress=/192.168.0.230:50230}
[2024-02-03T14:07:24,461][WARN ][o.e.h.n.Netty4HttpServerTransport] [WIN-84I4PL7AU5G] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/192.168.0.230:9200, remoteAddress=/192.168.0.230:50198}
[2024-02-03T14:07:24,477][WARN ][o.e.h.n.Netty4HttpServerTransport] [WIN-84I4PL7AU5G] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/192.168.0.230:9200, remoteAddress=/192.168.0.230:50206}
i made sure the http_ca.crt file is entrusted to the trust store
what am i doing wrong?