Hi all,
I am trying to setup ELK cluster with 7.16 version with X-pack enabled and SSL certificates configured.
I am doing it in ubuntu where we have ansible code to deploy the stack which was developed by a person earlier and I am using the same.
Based on my knowledge things working fine but when executing Elasticsearch curl with localhost I am getting below error where as with 127.0.0.1 looks fine.
curl -ks -u -XGET https://localhost:9200/_cluster/health?pretty
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"Bearer realm=\"security\"",
"ApiKey"
]
}
}
],
"type" : "security_exception",
"reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : [
"Basic realm=\"security\" charset=\"UTF-8\"",
"Bearer realm=\"security\"",
"ApiKey"
]
}
},
"status" : 401
}
root@V:/usr/share/elasticsearch/bin# curl -ks -XGET https://127.0.0.1:9200/_cluster/health?pretty
{
"cluster_name" : "elk-test",
"status" : "green",
"timed_out" : false,
"number_of_nodes" : 4,
"number_of_data_nodes" : 3,
"active_primary_shards" : 4,
"active_shards" : 8,
"relocating_shards" : 0,
"initializing_shards" : 0,
"unassigned_shards" : 0,
"delayed_unassigned_shards" : 0,
"number_of_pending_tasks" : 0,
"number_of_in_flight_fetch" : 0,
"task_max_waiting_in_queue_millis" : 0,
"active_shards_percent_as_number" : 100.0
Here is my elasticsearch.yml file
node.name: elasticsearch-01
cluster.name: elk-test
network.host: [_local_, _site_]
network.publish_host: "10.*"
http.bind_host: [_local_]
http.publish_host: _local_
http.cors.enabled: true
http.cors.allow-origin: "*"
discovery.zen.ping.unicast.hosts: ["10.*", "10.*", "10.*`Preformatted text`"]
discovery.zen.minimum_master_nodes: 2
path.data: /data1/elasticsearch
path.logs: /var/log/elasticsearch
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.supported_protocols: TLSv1.2
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.key: /etc/elasticsearch/ssl/private/elasticsearch-01.key.pem
xpack.security.transport.ssl.certificate: /etc/elasticsearch/ssl/elasticsearch-01.cert.pem
xpack.security.transport.ssl.certificate_authorities: ["/etc/elasticsearch/ssl/elasticsearch-01.cert.pem", "/etc/elasticsearch/ssl/elas
ticsearch-02.cert.pem", "/etc/elasticsearch/ssl/elasticsearch-03.cert.pem", "/etc/elasticsearch/ssl/logstash-01.cert.pem", "/etc/elasti
csearch/ssl/web-kibana-01.cert.pem"]
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.supported_protocols: TLSv1.2
xpack.security.http.ssl.key: /etc/elasticsearch/ssl/private/elasticsearch-01.key.pem
xpack.security.http.ssl.certificate: /etc/elasticsearch/ssl/elasticsearch-01.cert.pem
I see the services are up and running and the certificates are self signed. I suspect something going wrong but unable to figure-out where the issue is.
Since ES is not running with localhost Kibana url is not working and getting the messages "Kibana is not yet ready" from the browser.
Any clue would help to move forward..