I'm trying to setup authentication on my elk stack. I have done a test with my test environnment, it was OK but in production, I can't do the first step.
I am in 6.8.3 and I have 4 nodes. And basic licence.
I have generate the certificate and copy it on each node.
./elasticsearch-certutil cert -out /etc/elasticsearch/config/cert.p12 -pass ""
in my yml file, on the master, I have added this :
xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.audit.enabled: true xpack.security.authc.realms.native.type: native xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/config/cert.p12
then I have restart this node.
I done this following command to generate the passwords :
But at the end, I have an error :
Unexpected response code  from calling PUT http://172.21.2.69:9200/_xpack/security/user/apm_system/_password?pretty
Cause: Cluster state has not been recovered yet, cannot write to the security index
Possible next steps:
- Try running this tool again.
- Try running with the --verbose parameter for additional messages.
- Check the elasticsearch logs for additional error details.
- Use the change password API manually.
ERROR: Failed to set password for user [apm_system].
Where is my mistake ? Do I have ro restart each node ?
Thank you for your replies.