Enabling security in Basic subscription

I am using elasticsearch 7.9, Basic subscription

I followed https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-security.html

I enabled security in elastic with this configuration:

    xpack.security.enabled: true
    xpack.security.transport.ssl.enabled: true
    xpack.security.transport.ssl.verification_mode: none
    xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 
    xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
    xpack.security.authc:
      anonymous:
        authz_exception: false

I started elastic from docker, mounting local configuration. I check if the configuration is picked up by docker exec -it elastic cat /usr/share/elasticsearch/config/elasticsearch.yml

The certificate file is also available from within docker.

I set default passwords with elasticsearch-setup-passwords by running docker exec -it bash and then the command

After restarting elastic, I cannot curl elastic form the host OS, the error message is:

[john@ebola config]$ curl -u elastic localhost:9200
Enter host password for user 'elastic':
curl: (56) Recv failure: Connection reset by peer

There are no errors according to docker logs elastic

When I docker exec -it elastic bash and call curl -u elastic localhost:9200 elastic successfully responds.

Please help!

1 Like

Answering my own question: All of the above is required and working, all I had to further add to the elasticsearch configuration file was the line

network.host: 0.0.0.0

Thank you for asking this question and for following up with the additional information! I've not tested this yet but this is what I need to figure out next.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.