Elasticsearch Security plugin exception

I am getting error while working on ssl part of elasticsearch.
stacktrace": ["org.elasticsearch.bootstrap.StartupException: java.lang.IllegalStateException: failed to load plugin class [org.elasticsearch.xpack.core.XPackPlugin]"
.....
"Caused by: java.lang.reflect.InvocationTargetException",
.....
"Caused by: org.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl]",
.....
"Caused by: org.elasticsearch.ElasticsearchException: failed to initialize SSL TrustManager",
......
"Caused by: java.io.IOException: Is a directory",

I used docker-compose file

version: '2.2'

services:

elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:7.4.2
container_name: elasticsearch
environment:
- node.name=elasticsearch
- discovery.seed_hosts=elasticsearch
- cluster.initial_master_nodes=elasticsearch
- cluster.name=docker-cluster
- bootstrap.memory_lock=true
- "ES_JAVA_OPTS=-Xms512m -Xmx512m"
- xpack.security.enabled=true
- xpack.security.transport.ssl.enabled=true
- xpack.security.transport.ssl.verification_mode=certificate
- xpack.security.transport.ssl.keystore.path=elastic-certificates.p12
- xpack.security.transport.ssl.truststore.path=elastic-certificates.p12

ulimits:
  memlock:
    soft: -1
    hard: -1
volumes:
  - ./elastic-stack-ca.p12:/usr/share/elasticsearch/config/elastic-stack-ca.p12
  - ./elastic-certificates.p12:/usr/share/elasticsearch/config/elastic-certificates.p12
  - esdata1:/usr/share/elasticsearch/data
ports:
  - 9200:9200

kibana:
image: docker.elastic.co/kibana/kibana:7.4.2
container_name: kibana
environment:
ELASTICSEARCH_URL: "https://elasticsearch:9200"
ELASTICSEARCH_USERNAME: "kibana"
ELASTICSEARCH_PASSWORD: "kibana"
ports:
- 5601:5601
depends_on:
- elasticsearch

volumes:
esdata1:
driver: local

Just run for elasticsearch with docker-compose up elasticsearch

I have used below command to generate the certificate
bin/elasticsearch-certutil ca

bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

and just clicked enter for password.

I want to add SSL and Https security with username password for elasticsearch.
Could you please help to find out the problem.

I have also tried with the configuration mentioned on the below link:
https://www.elastic.co/guide/en/elasticsearch/reference/7.5/configuring-tls-docker.html

But I am getting below error
$ docker run --rm -v es_certs:/certs --network=es_default docker.elastic.co/elasticsearch/elasticsearch:7.5.1 curl --cacert /certs/ca/ca.crt -u elastic:PleaseChangeMe https://es01:9200
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0curl: (77) Problem with the SSL CA cert (path? access rights?)

Could you please help me solve it?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.