Enabling TLS - NotSslRecordException

Hi,

I keep receiving an error when enabling xpack.security.http.ssl

My elasticsearch.yml settings are as per below - running elasticsearch-7.1.1

node.name: hiu-test
discovery.type:  single-node
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: 'E:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
xpack.security.transport.ssl.truststore.path: 'E:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'

this works fine and I'm not seeing any errors but when I add the below:

xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: 'E:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'
xpack.security.http.ssl.truststore.path: 'E:\elasticsearch-7.1.1\config\certs\elastic-certificates.p12'

the console from which I started elasticsearch shows the below error when I startup elasticsearch:

[2019-06-21T15:14:50,749][WARN ][o.e.h.AbstractHttpServerTransport] [APR5874] caught exception while handling client http traffic, closing connection Netty4Http
Channel{localAddress=0.0.0.0/0.0.0.0:9200, remoteAddress=/127.0.0.1:58850}io.netty.handler.codec.DecoderException: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record

Any help with how to resolve this would be much appreciated.
Thanks

The WARN indicates that this is a warning rather than an error. Warnings are important, but they will typically not prevent you from using your cluster.

io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record

This means what it says. Something is trying to connect to your SSL enabled HTTP port using plaintext (http) rather than SSL (https).

Thanks heaps for your reply Tim, much appreciated.

Don't know how I missed that it was a warning and not an error - I suppose I also tried enabling https in Kibana and that certainly didn't work so conflated the two.

I'm stumped though as far as what's trying to connect. Yes I have other instances that have previously run on this machine but they are not currently running - there are no services setup either that could be running so it's a bit of a mystery.

About an hour after I typed the above, I start looking at what's actually running and spot something called heartbeat, ouch! I couldn't for the life of me understand what could be causing that message but there you go. Apologies for editing the post but I should probably elaborate that heartbeat was (probably) installed by a previous version of Kibana and used for sample data for dashboards and so whilst I thought nothing else was running, this service was and ended up causing what I was seeing. All pretty obvious to others I'm sure but thought I'd add it in case anyone else runs into the same thing.

Many thanks for your help, mystery solved (now to the next one....)

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.