I successfully set up xpack basic security when I used self-signed certificates using Elasticsearch tools. When I had an internal authority create the p12 files for me following information from the Elasticsearch procedures I get this error when starting a node:
Failed to load SSL configuration [xpack.security.transport.ssl]; nested: ElasticsearchException[failed to initialize SSL TrustManager]; nested: IOException[toDerInputStream rejects tag type 80];
Could this be anything other than an issue with the p12 file?
What is the best way to have an outside CA create the p12 file for use in Elasticsearch nodes. Will possibly run into this issue when getting HTTP p12 files created as well.