Hi,
I have installed ES 6.3.1 version and set below relevant properties in elasticsearch.yml during configuration
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true
- /_xpack/license returns below response
<{
"license" : {
"status" : "active",
"uid" : "c51de05d-beb0-4336-a48d-6854ae25ff80",
"type" : "basic",
"issue_date" : "2020-01-02T16:29:17.774Z",
"issue_date_in_millis" : 1577982557774,
"max_nodes" : 1000,
"issued_to" : "EIGL_TST_ELASTIC_CLUSTER",
"issuer" : "elasticsearch",
"start_date_in_millis" : -1
}
}/>
-
And GET /_xpack/security/_authenticate?pretty returns below response:
<{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "current license is non-compliant for [security]",
"license.expired.feature" : "security"
}
],
"type" : "security_exception",
"reason" : "current license is non-compliant for [security]",
"license.expired.feature" : "security"
},
"status" : 403
}/> -
Interestingly ssl properties enabled in yml file is working fine which matches to free security for basic license as given in https://www.elastic.co/subscriptions
-
However "Role-based access control" fails when running the command elasticsearch-setup-passwords interactive with error "It doesn't look like the X-Pack security feature is available on this Elasticsearch node".
Before this setup we had a chat with ElasticSearch Proffessional service as well where we received confirmation that x-pack security features mentioned in above subscription url is also applicable to 6.3.1 version as well. However, it seems to be running partially, where ssl encryption is allowed on transport and http level but user setup/role management is not available.
Could you pls let me know if there is something I am missing or if there is a fix to this issue?
Thanks and Regards,
Nikesh Gupta