Error creating a new enrollment token

Hello World!

I'm using Elastic Stack 6.6.1 and trying to follow Enroll Beats in central management along with Secrets keystore for secure settings and running into following issue:

# echo changeme | filebeat keystore add ES_PWD --stdin --force
Successfully updated the keystore
# 
# filebeat enroll https://X.X.X:443 --username elastic --password env:ES_PWD
Error creating a new enrollment token: [security_exception] failed to authenticate user [elastic], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } }
# 

yet, username:password seems to work:

# export ES_PWD=changeme
# curl -s -I https://elastic:$ES_PWD@x.x.x:443 | grep ^HTTP
HTTP/1.1 200 OK
# 

Please advise.

Checking the code, the --password CLI flag only supports stdin and env in 6.6. The env method does not read from the keystore, but expects you to use an environment variable.

ok, still getting same security_exception:

# ES_PWD=changeme
# filebeat enroll https://X.X.X:443 --username elastic --password env:ES_PWD
Error creating a new enrollment token: [security_exception] failed to authenticate user [elastic], with { header={ WWW-Authenticate="Basic realm=\"security\" charset=\"UTF-8\"" } }
# curl -s -I https://elastic:$ES_PWD@X.X.X:443 | grep ^HTTP
HTTP/1.1 200 OK
# 

yet, following works as expected:

# filebeat enroll https://X.X.X:443 --username elastic --password stdin
Enter password: 
This will replace your current settings. Do you want to continue? [Y/n]:y
Saving a copy of current settings to /etc/filebeat/filebeat.yml.bak
Enrolled and ready to retrieve settings from Kibana
#

When you do ES_PWD=change the environment variable will be only valid for the current command, if precede the command with the variable like in the next example it will correctly take the environment variable:

ES_PWD=changeme filebeat enroll https://X.X.X:443 --username elastic --password env:ES_PWD

But I still think its a bug, we should report that we cannot retrieve the environment variable.

I have created the following PR to give better feedback https://github.com/elastic/beats/pull/10936

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.