ES 7.4 - Xpack

Hello folks,

I have 3 nodes in my cluster. I can start and reach them without issue when I have not enabled xpack. When I enable security to do elasticsearch-setup-passwords auto, I have an error when it tries to reach my cluster.

Config added true true

I ran /usr/share/elasticsearch/bin/elasticsearch-setup-passwords auto --verbose, it cannot go further thanChecking cluster health: http://<ClusterIP>:9200/_cluster/health?pretty.


Unexpected response code [503] from calling PUT http://:9200/_security/user/apm_system/_password?pretty
Cause: Cluster state has not been recovered yet, cannot write to the [null] index

Possible next steps:

  • Try running this tool again.
  • Try running with the --verbose parameter for additional messages.
  • Check the elasticsearch logs for additional error details.
  • Use the change password API manually.

According to FSE course, you have to add true only. However it doesn't work and it asks for true. I have tried to set it to false, no success.

Any insight ?

That configuration is insufficient for configuring transport SSL.
It lacks any key or trust material (certificates) so your 3 nodes cannot connect to each other over SSL.
We have a guide for setting up SSL here:

You will need to generate certificates for each of your nodes, and configure them to trust one another.

Thanks a lot Tim. So as I understand the configuration for SSL with Basic license, those settings are also required since server aren't able to reach each other. true true certificate certificates.p12 certificates.p12

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.