Hi All,
I have secured my cluster's (3 nodes) http communication as below:
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/cert/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/cert/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /etc/elasticsearch/cert/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /etc/elasticsearch/cert/elastic-certificates.p12
(The certificates are generated with elasticsearch-certutil. I have copied the same certs to all nodes.)
Everything work fine, but my logs are full of WARNs like below (cluster's IP addresses between xxx.xxx.xxx.210 and xxx.xxx.xxx.212):
[2020-01-29T11:04:04,170][WARN ][o.e.h.AbstractHttpServerTransport] [abc-i-elastic03] caught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=/xxx.xxx.xxx.212:9200, remoteAddress=/xxx.xxx.xxx.211:55756}
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
Version: 7.5.2
Please help me how to avoid these warnings. Thanks!