I am new to ElasticSearch.
I followed the steps in this page: Configuring SSL, TLS, and HTTPS to secure Elasticsearch, Kibana, Beats, and Logstash
I used
bin/elasticsearch-setup-passwords interactive -u 'https://abc.mysite.com:9200'
on step [2-6-4] Set built-in user password
Everything is fine to setup the service with SSL certificates. However, I want to change the password of 'elastic', and run
bin/elasticsearch-setup-passwords interactive -u 'https://abc.mysite.com:9200'
again.
I encounter the following error:
$ bin/elasticsearch-setup-passwords interactive -u 'https://abc.mysite.com:9200'
Failed to authenticate user 'elastic' against
https://abc.mysite.com:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore
ERROR: Failed to verify bootstrap password
$
I also visit this post After X-pack Installation : Failed to authenticate user [elastic], understand that Change Password API can change the password of 'elastic' account:
curl -u elastic -XPUT 'https://abc.mysite.com:9200/_xpack/security/user/elastic/_password?pretty' -H 'Content-Type: application/json' -d'{"password":"12345678"}' -k
- May I know whether the error above must happen in the second time or later after the first run of 'elasticsearch-setup-passwords'?
- I do not know about what "bootstrap password" is. I do not change it. Is there a possible way I changed it in this page: Configuring SSL, TLS, and HTTPS to secure Elasticsearch, Kibana, Beats, and Logstash but I did not know?
- Can I have a way to use 'elasticsearch-setup-passwords' again? if not, does it mean 'elasticsearch-setup-passwords' is a once-time-command?
I am using a Cluster with 3 nodes. 2 nodes have these roles: dilmrt, and 1 node has these roles: dmv