Error initializing beat: could not initialize the keystore

Hi All,

Need some help on how I can make apm-server keystore work. For some reason it will fail to initialize the file if is not owned by root.

root@apm-server:~# apm-server keystore list
error initializing beat: could not initialize the keystore: config file ("/var/lib/apm-server/apm-server.keystore") must be owned by the user identifier (uid=0) or root

root@apm-server:~# ll /var/lib/apm-server/
-rw------- 1 apm-server apm-server 402 Jan 6 05:42 apm-server.keystore
-rw------- 1 apm-server apm-server 0 Jan 7 05:28 apm-server.lock
-rw------- 1 apm-server apm-server 48 Jun 30 2021 meta.json

If I change the ownership as root, the apm-server service won't start at all and it shows this error on system logs.

Exiting: could not initialize the keystore: open /var/lib/apm-server/apm-server.keystore: permission denied

Please advise on how to properly set its permissions or configuration to make it work.

As you experienced, I believe that the apm-server keystore <add|list|remove> commands will fail with an error if they aren't run with the user that owns the file.

The issue that you're seeing is caused because you're interacting with the keystore using root (as far as I can see in the console output that you provider), and the user that is running the apm-server binary is most likely not root.

To fix that, I'd advise that you add / list / delete keystore entries with the same user that runs apm-server.

@marclop that works! thank you..