Enable SSL/TLS on Windows

mduckett1 · February 14, 2017, 2:48pm

Hi,

I've installed ELK 5.2 with x-pack and am currently trying to implement secure communication but can't seem to get it to work.

I have followed Setting Up TLS on a Cluster | X-Pack for the Elastic Stack [6.2] | Elastic but when I restart the node the service will not start.

I checked the logs and no indication of what's wrong, the service just gets stuck starting.

[2017-02-14 13:39:27] [info] [ 3912] Starting service...

If I comment out the extra config it works again, so i'm fairly sure its a configuration error:

xpack.ssl.key: C:\Path to key
xpack.ssl.certificate: c:\Path to Cert
xpack.ssl.certificate_authorities: c:\Path to CA Cert
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true

But I cant see where I have it wrong?

jaymode · February 14, 2017, 4:17pm

Did you try putting quotes around the paths? I think the extra ':' on the line could be throwing things off.

mduckett1 · February 15, 2017, 8:20am

Thanks jaymode, I had tried double quotes (as in the documentation it shows double quotes for the xpack.ssl.certificate_authorities line) but this still didn't work.

I've experimented a bit this morning and changing them all to single quotes appears to be working.
So for clarity and if anyone else has a similar issue my config is now:

xpack.ssl.key: 'c:\Path to .key file'
xpack.ssl.certificate: 'c:\path to .crt file'
xpack.ssl.certificate_authorities: [ 'c:\ path to ca.crt file' ]
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.enabled: true

Thanks.

jaymode · February 15, 2017, 12:59pm

I am glad you've got it working and I'll see what we can do to get this documentation improved.

mduckett1 · February 15, 2017, 1:19pm

Thanks for your help

system · March 15, 2017, 1:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.