Enable SSL/TLS on Windows


(Mike Duckett) #1

Hi,

I've installed ELK 5.2 with x-pack and am currently trying to implement secure communication but can't seem to get it to work.

I have followed https://www.elastic.co/guide/en/x-pack/current/ssl-tls.html#installing-node-certificates but when I restart the node the service will not start.

I checked the logs and no indication of what's wrong, the service just gets stuck starting.

[2017-02-14 13:39:27] [info] [ 3912] Starting service...

If I comment out the extra config it works again, so i'm fairly sure its a configuration error:

xpack.ssl.key: C:\Path to key
xpack.ssl.certificate: c:\Path to Cert
xpack.ssl.certificate_authorities: c:\Path to CA Cert
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true

But I cant see where I have it wrong?


(Jay Modi) #2

Did you try putting quotes around the paths? I think the extra ':' on the line could be throwing things off.


(Mike Duckett) #3

Thanks jaymode, I had tried double quotes (as in the documentation it shows double quotes for the xpack.ssl.certificate_authorities line) but this still didn't work.

I've experimented a bit this morning and changing them all to single quotes appears to be working.
So for clarity and if anyone else has a similar issue my config is now:

xpack.ssl.key: 'c:\Path to .key file'
xpack.ssl.certificate: 'c:\path to .crt file'
xpack.ssl.certificate_authorities: [ 'c:\ path to ca.crt file' ]
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true

Thanks.


(Jay Modi) #4

I am glad you've got it working and I'll see what we can do to get this documentation improved.


(Mike Duckett) #5

Thanks for your help :slight_smile:


(system) #6

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.