Hey everyone, a very quick question, i have tried to modify my elasticsearch so it may resemble and work with my generated openssl Certificate.crt + private.key.
┌──(root㉿kali)-[/etc]
└─# openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout private.key -out certificate.crt -subj "/CN=192.168.2.18"
┌──(root㉿kali)-[/etc]
└─# cd /etc/elasticsearch/certs
┌──(root㉿kali)-[/etc/elasticsearch/certs]
└─# ls -larh
total 16K
-rw-r----- 1 elasticsearch elasticsearch 1.7K Jun 1 01:15 private.key
-rw-r--r-- 1 elasticsearch elasticsearch 1.1K Jun 1 01:15 certificate.crt
drwxr-s--- 4 root elasticsearch 4.0K Jun 1 01:40 ..
drwxr-sr-x 2 elasticsearch elasticsearch 4.0K Jun 1 01:30 .
Here's my elasticSearch.yml file :
# ======================== Elasticsearch Configuration =========================
#
# NOTE: Elasticsearch comes with reasonable defaults for most settings.
# Before you set out to tweak and tune the configuration, make sure you
# understand what are you trying to accomplish and the consequences.
#
# The primary way of configuring a node is via this file. This template lists
# the most important settings you may want to configure for a production cluster.
#
# Please consult the documentation for further information on configuration options:
# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
#
# ---------------------------------- Cluster -----------------------------------
#
# Use a descriptive name for your cluster:
#
#cluster.name: my-application
#
# ------------------------------------ Node ------------------------------------
#
# Use a descriptive name for the node:
#
#node.name: node-1
#
# Add custom attributes to the node:
#
#node.attr.rack: r1
#
# ----------------------------------- Paths ------------------------------------
#
# Path to directory where to store the data (separate multiple locations by comma):
#
path.data: /var/lib/elasticsearch
#
# Path to log files:
#
path.logs: /var/log/elasticsearch
#
# ----------------------------------- Memory -----------------------------------
#
# Lock the memory on startup:
#
#bootstrap.memory_lock: true
#
# Make sure that the heap size is set to about half the memory available
# on the system and that the owner of the process is allowed to use this
# limit.
#
# Elasticsearch performs poorly when the system is swapping the memory.
#
# ---------------------------------- Network -----------------------------------
#
# By default Elasticsearch is only accessible on localhost. Set a different
# address here to expose this node on the network:
#
network.host: 192.168.2.18
#
# By default Elasticsearch listens for HTTP traffic on the first free port it
# finds starting at 9200. Set a specific HTTP port here:
#
http.port: 9200
#
# For more information, consult the network module documentation.
#
# --------------------------------- Discovery ----------------------------------
#
# Pass an initial list of hosts to perform discovery when this node is started:
# The default list of hosts is ["127.0.0.1", "[::1]"]
#
discovery.seed_hosts: ["192.168.2.18"]
#
# Bootstrap the cluster using an initial set of master-eligible nodes:
#
#cluster.initial_master_nodes: ["node-1", "node-2"]
#
# For more information, consult the discovery and cluster formation module documentation.
#
# ---------------------------------- Various -----------------------------------
#
# Require explicit names when deleting indices:
#
#action.destructive_requires_name: true
#
# ---------------------------------- Security ----------------------------------
#
# *** WARNING ***
#
# Elasticsearch security features are not enabled by default.
# These features are free, but require configuration changes to enable them.
# This means that users don’t have to provide credentials and can get full access
# to the cluster. Network connections are also not encrypted.
#
# To protect your data, we strongly encourage you to enable the Elasticsearch security features.
# Refer to the following documentation for instructions.
#
# https://www.elastic.co/guide/en/elasticsearch/reference/7.16/configuring-stack-security.html
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
key: /etc/elasticsearch/certs/private.key
certificate: /etc/elasticsearch/certs/certificate.crt
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
key: /etc/elasticsearch/certs/private.key
certificate: /etc/elasticsearch/certs/certificate.crt
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
# cluster.initial_master_nodes: ["elastic"]
# Allow HTTP API connections from anywhere
# Connections are encrytpted and require user authentication
http.host: 0.0.0.0
However as i try to restart the service, it fails :
┌──(root㉿kali)-[/etc]
└─# service elasticsearch start
Job for elasticsearch.service failed because the control process exited with error code.
See "systemctl status elasticsearch.service" and "journalctl -xeu elasticsearch.service" for details.
$ journalctl -xeu elasticsearch.service
░░ The unit elasticsearch.service completed and consumed the indicated resources.
Jun 01 10:49:04 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
░░ Subject: A start job for unit elasticsearch.service has begun execution
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit elasticsearch.service has begun execution.
░░
░░ The job identifier is 3036.
Jun 01 10:49:07 kali systemd-entrypoint[159401]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:261)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:422)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOptionsParser.java:168)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.java:124)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
░░ Subject: Unit process exited
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ An ExecStart= process belonging to unit elasticsearch.service has exited.
░░
░░ The process' exit code is 'exited' and its exit status is 1.
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit elasticsearch.service has entered the 'failed' state with result 'exit-code'.
Jun 01 10:49:07 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
░░ Subject: A start job for unit elasticsearch.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ A start job for unit elasticsearch.service has finished with a failure.
░░
░░ The job identifier is 3036 and the job result is failed.
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Consumed 3.421s CPU time.
░░ Subject: Resources consumed by unit runtime
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░
░░ The unit elasticsearch.service completed and consumed the indicated resources.
$ journalctl --unit elasticsearch.service
Jun 01 01:40:29 kali systemd-entrypoint[23815]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86) [0/1755]
Jun 01 01:40:29 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:40:29 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:40:29 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:40:29 kali systemd[1]: elasticsearch.service: Consumed 3.655s CPU time.
Jun 01 01:44:26 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 01:44:28 kali systemd-entrypoint[26087]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvide>
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider>
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOption>
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.j>
Jun 01 01:44:28 kali systemd-entrypoint[26087]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 01:44:28 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:44:28 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:44:28 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:44:28 kali systemd[1]: elasticsearch.service: Consumed 3.247s CPU time.
Jun 01 01:44:39 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 01:44:41 kali systemd-entrypoint[26359]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvide>
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider>
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOption>
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.j>
Jun 01 01:44:41 kali systemd-entrypoint[26359]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 01:44:41 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:44:41 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:44:41 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:44:41 kali systemd[1]: elasticsearch.service: Consumed 3.341s CPU time.
Jun 01 01:48:24 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 01:48:28 kali systemd-entrypoint[28514]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvide>
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider>
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOption>
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.j>
Jun 01 01:48:28 kali systemd-entrypoint[28514]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 01:48:28 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:48:28 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:48:28 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:48:28 kali systemd[1]: elasticsearch.service: Consumed 3.610s CPU time.
Jun 01 01:49:07 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 01:49:10 kali systemd-entrypoint[29077]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvide>
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider>
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOption>
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.j>
Jun 01 01:49:10 kali systemd-entrypoint[29077]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 01:49:10 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:49:10 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:49:10 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:49:10 kali systemd[1]: elasticsearch.service: Consumed 3.055s CPU time.
Jun 01 01:53:26 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 01:53:29 kali systemd-entrypoint[31481]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.options
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvide>
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider>
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOption>
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.j>
Jun 01 01:53:29 kali systemd-entrypoint[31481]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:86)
Jun 01 01:53:29 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 01:53:29 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 01:53:29 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 01:53:29 kali systemd[1]: elasticsearch.service: Consumed 3.706s CPU time.
Jun 01 10:49:04 kali systemd[1]: Starting elasticsearch.service - Elasticsearch...
Jun 01 10:49:07 kali systemd-entrypoint[159401]: Exception in thread "main" java.nio.file.NoSuchFileException: /etc/elasticsearch/jvm.optio>
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.translateToIOException(UnixException.java:92)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:106)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:111)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvid>
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newByteChannel(Files.java:379)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newByteChannel(Files.java:431)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvide>
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at java.base/java.nio.file.Files.newInputStream(Files.java:159)
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.readJvmOptionsFiles(JvmOptio>
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.jvmOptions(JvmOptionsParser.>
Jun 01 10:49:07 kali systemd-entrypoint[159401]: at org.elasticsearch.tools.launchers.JvmOptionsParser.main(JvmOptionsParser.java:8>
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Main process exited, code=exited, status=1/FAILURE
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Failed with result 'exit-code'.
Jun 01 10:49:07 kali systemd[1]: Failed to start elasticsearch.service - Elasticsearch.
Jun 01 10:49:07 kali systemd[1]: elasticsearch.service: Consumed 3.421s CPU time.
lines 721-749/749 (END)
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.
