<stacktrace": ["org.elasticsearch.bootstrap.StartupException: ElasticsearchSecurityException[failed to load SSL configuration [xpack.security.transport.ssl]]; nested: ElasticsearchException[failed to initialize SSL TrustManager - not permitted to read truststore file [/usr/share/elasticsearch/config/elastic-stack-ca.p12]]; nested: AccessDeniedException[/usr/share/elasticsearch/config/elastic-stack-ca.p12]; />
I can see its access issue but not sure how to fix it. like how to grant access to that location cause docker container exits after that exception and can't use commands like exec --it bash to change the file permission.
Assuming that you are using our official image ( and if you don't, you should ) , the user that elasticsearch runs under has a UID of 1000 so you should make sure that the elastic-stack-ca.p12 is owned by that user ( chown 1000:0 elastic-stack-ca.p12 ) or it is readable by all users.
Please be patient in waiting for responses to your question and refrain from pinging multiple times asking for a response or opening multiple topics for the same question. This is a community forum, it may take time for someone to reply to your question. For more information please refer to the Community Code of Conduct specifically the section "Be patient". Also, please refrain from pinging folks directly, this is a forum and anyone that participates might be able to assist you.
If you are in need of a service with an SLA that covers response times for questions then you may want to consider talking to us about a subscription.
It's fine to answer on your own thread after 2 or 3 days (not including weekends) if you don't have an answer.
I try to observe the code of conduct, its for our common good.
here is an except from the "Be patient" section One reminder ping is welcome, many reminder pings in rapid succession are not a good display of patience.
As one can see I posted some details and then YML, to elaborate and then ping , one ping. So I thought I was under the norms. Had no intention flood it. I much appreciate volunteer response and we learn a lot from such forums. Respect and thanks for all contributors.
One comment though: wouldn't it be 'nicer' if some help was also provided besides policing .
I stand with what David said above, please be patient, we all do our best around here
Not everyone has the time, insights, or a ready answer for each of the questions, that doesn't mean that bringing up the code of conduct of the forums is a bad approach. Don't consider this as policing, but rather as a friendly reminder. It had only been 19hrs since you asked the previous question
Answering your original question: you don't need to do this as part of your docker compose file. Do it once, for your existing elastic-stack-ca.p12 file and then map it as a volume, as you already do
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.