ElasticSearch Strange behavior

lcui_dxc · September 5, 2022, 7:22am

Hello there:

I use ELK v8.3.3, it worked fine without x-park. I activated x-pack and configured Elasticsearch by adding the following initially

pack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.http.ssl.client_authentication: none
#xpack.security.transport.ssl.client_authentication: required
xpack.security.transport.ssl.client_authentication: none
xpack.security.transport.ssl.keystore.path: /elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /elastic-certificates.p12
#xpack.security.transport.ssl.keystore.secure_password
#xpack.security.transport.ssl.truststore.secure_password

xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.http.ssl.client_authentication: none
xpack.security.transport.ssl.client_authentication: none
xpack.security.transport.ssl.keystore.path: /elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /elastic-certificates.p12
#action.destructive_requires_name: false

Eleasticsearch keeps getting for following errors:

[2022-09-05T07:01:50,515][ERROR][o.e.b.Elasticsearch ] [esna-1] fatal exception while booting Elasticsearch
org.elasticsearch.bootstrap.StartupException: java.lang.IllegalArgumentException: unknown secure setting [xpack.security.http.ssl.truststore] did you mean any of [xpack.security.http.ssl.truststore.path, xpack.security.http.ssl.truststore.type, xpack.security.http.ssl.truststore.password, xpack.security.http.ssl.truststore.algorithm, xpack.security.http.ssl.keystore.type, xpack.security.http.ssl.certificate, xpack.security.http.ssl.keystore.path, xpack.security.http.ssl.key_passphrase, xpack.security.http.ssl.keystore.password, xpack.security.http.ssl.enabled, xpack.security.http.ssl.key, xpack.security.transport.ssl.truststore.path, xpack.security.transport.ssl.truststore.type]?
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:228) [elasticsearch-8.3.3.jar:?]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:67) [elasticsearch-8.3.3.jar:?]
Caused by: java.lang.IllegalArgumentException: unknown secure setting [xpack.security.http.ssl.truststore] did you mean any of [xpack.security.http.ssl.truststore.path, xpack.security.http.ssl.truststore.type, xpack.security.http.ssl.truststore.password, xpack.security.http.ssl.truststore.algorithm, xpack.security.http.ssl.keystore.type, xpack.security.http.ssl.certificate, xpack.security.http.ssl.keystore.path, xpack.security.http.ssl.key_passphrase, xpack.security.http.ssl.keystore.password, xpack.security.http.ssl.enabled, xpack.security.http.ssl.key, xpack.security.transport.ssl.truststore.path, xpack.security.transport.ssl.truststore.type]?

I don't have xpack.security.http.ssl.truststore in my elasticsearch.yml file.
I stopped the VM where the Elastic is running on few times thinking something may be stuck in the cache.. still the same error... I started with a new elasticsearch.yml, still the same..

Anything I did it wrong? Please advise.

Thanks in advance

Li

cheshirecat · September 5, 2022, 9:10am

First of all: why did you use "/"? It should be like this:

xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

or if you would like to use absolute path /etc/elasticsearch/{{file_name}}

system · October 3, 2022, 9:10am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.