I'm trying to understand why I get 401 after initializing a new instance (goal to have multiple instances on one machine).
Steps taken:
- created a elasticsearch.keystore
- add the
bootstrap.password
successfully, withcat ~/.elk.secret | /opt/elasticsearch/bin/elasticsearch-keystore add -x 'bootstrap.password'
- Since I've multiple instances running, I move it in the new conf directory
but now I get 401:
curl -X GET 'https://elastic:myFancyPass@myServer:9200/_cluster/health?pretty' -k
{
"error" : {
"root_cause" : [
{
"type" : "security_exception",
"reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : [
"Bearer realm=\"security\"",
"ApiKey",
"Basic realm=\"security\" charset=\"UTF-8\""
]
}
}
],
"type" : "security_exception",
"reason" : "unable to authenticate user [elastic] for REST request [/_cluster/health?pretty]",
"header" : {
"WWW-Authenticate" : [
"Bearer realm=\"security\"",
"ApiKey",
"Basic realm=\"security\" charset=\"UTF-8\""
]
}
},
"status" : 401
}
My understanding is that this error can be caused by two things:
- wrong password (which I doubt it's my case)
- wrong elasticsearch.file
How do I find which elasticsearch.keystore it is loading?
Running rootLogger.level = debug
didn't help. I feel it would be great getting a confirmation such as /opt/elasticsearch/instance2/conf/elasticsearch.keystore