Fail to reset kibana_system and elastic passwords

Hi All,

We run elasticsearch in a clustered mode and recently upgraded from 5 through to version 8.2.0

I tried to enable security TLS and minimal security by following these guides

Resulting in the following elasticsearch.yml es-cluster  node-main-1 "/var/lib/elasticsearch"
path.logs: "/var/log/elasticsearch"
path.home: "/usr/share/elasticsearch" 200 20000
- _ec2_
- _local_
discovery.ec2.groups: elk-access, elk-cluster
discovery.seed_providers: ec2
cluster.initial_master_nodes: node-main-1
- master
- data
- data_content
- data_hot
- data_warm
- data_cold
- data_frozen
- ingest
- ml
- remote_cluster_client
- transform true  true true certificate required elastic-certificates.p12 elastic-certificates.p12

Problem is when i tried to reset the elastic and kibana_system users i'm met with the following error

/usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u elastic

ERROR: unable to determine default URL from settings, please use the -u option to explicitly provide the url

I also tried to create an admin user on this particular node and it worked but wasn't propagated to other nodes so the admin user doesn't work on other nodes

output of cluster health

    "cluster_name": "es-cluster",
    "status": "green",
    "timed_out": false,
    "number_of_nodes": 3,
    "number_of_data_nodes": 3,
    "active_primary_shards": 731,
    "active_shards": 1462,
    "relocating_shards": 0,
    "initializing_shards": 0,
    "unassigned_shards": 0,
    "delayed_unassigned_shards": 0,
    "number_of_pending_tasks": 0,
    "number_of_in_flight_fetch": 0,
    "task_max_waiting_in_queue_millis": 0,
    "active_shards_percent_as_number": 100.0


You can resolve this issue by providing the URL of your Elasticsearch instance using the -u option when running the elasticsearch-reset-password command. The URL should be in the format http://hostname:port. For example:

/usr/share/elasticsearch/bin/elasticsearch-reset-password -i -u http://localhost:9200 elastic

Replace http://localhost:9200 with the URL of your Elasticsearch instance.


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.