Facing issue while configuring ssl for elastic search


I'm facing issues while configuring ssl certificate with elasticsearch in elasticsearch.yml. when it is working fine for Kibana. When using self signed certificate it is asking for username and password while browsing but i'm not getting what credentials it is asking for.

Also while configuring it with proper certificate services are not getting started and error is not an ssl entry.

please help me out as it is very urgent for me.

Configurations are done in RHEL

Hi there,

You will need to share more information with us because what you have shared is not enough for someone to try and assist you.

  1. What exactly are you trying to do.
  2. What exactly you have done already. What you have configured, where and how. This generally requires that you share the relevant parts of your configuration files.
  3. What exactly is the error you are getting. It is usually more helpful to share the exact error message and the relevant parts of your logs, than trying to interpret the error message in your own words

Hi ,

Thanks for your response.

I managed to established Https connection for elastic search and kibana as well but while checking status it is throwing some not SSL/TLS entry exception.

Due to this I'm not able to fetch data into elastic search from my respective orchestrater.

Please note when my elastic search connection was not configured with SSL certificate (not secured) that time i was able to fetch logs into elastic search.

Please find below output while checking the status of elasticsearch.service

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:510) [netty-transport-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:470) [netty-transport-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:909) [netty-common-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 frparvm17074102.corp.ci.com elasticsearch[23412]: at java.lang.Thread.run(Thread.java:748) [?:1.8.0_221]

Dec 10 14:02:23 elasticsearch[23412]: Caused by: io.netty.handler.ssl.NotSslRecordException: not an SSL/TLS record: 474554202f20485454502f312e310d0a486f73743a206769742d6b6962616e612e63617067656d696e692e636f6d3a393230300d0a557365722d4167656e743a20476f2d687474702d636c69656e742f312e310d0a4163636570743a206170706c69636174696f6e2f6a736f6e0d0a4163636570742d456e636f64696e673a20677a69700d0a0d0a

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1182) ~[netty-handler-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1247) ~[netty-handler-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:502) ~[netty-codec-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:441) ~[netty-codec-4.1.32.Final.jar:4.1.32.Final]

Dec 10 14:02:23 elasticsearch[23412]: ... 15 more


Please don't post unformatted code, logs, or configuration as it's very hard to read.
Also, please don't post images of text as they are hard to read, may not display correctly for everyone, and are not searchable.

Instead, paste the text and format it with </> icon or pairs of triple backticks (```), and check the preview window to make sure it's properly formatted before posting it. This makes it more likely that your question will receive a useful answer.

It would be great if you could update your post to solve this.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.