[2023-12-15T12:36:37,084][ERROR][o.e.b.Elasticsearch ] [LAPTOP-ECGDD83N] fatal exception while booting Elasticsearchorg.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured [PKCS12] keystore [D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12] - this is usually caused by an incorrect password
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSslConfigurations$11(SSLService.java:617)
at java.base/java.util.HashMap.forEach(HashMap.java:1429)
at java.base/java.util.Collections$UnmodifiableMap.forEach(Collections.java:1553)
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.loadSslConfigurations(SSLService.java:613)
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:159)
See logs for more details.
ERROR: Elasticsearch did not exit normally - check the logs at D:\Internship_task\elasticsearch\elasticsearch-8.9.0\logs\rivan.log
ERROR: Elasticsearch exited unexpectedly
Did you read the error message?
failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured [PKCS12] keystore [D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12] - this is usually caused by an incorrect password
BTW use 8.11. It's more recent and contains a lot of bug fixes.
Could you please explain me
this is my , elasticsearch.yml
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
verification_mode: certificate
keystore.type: PKCS12
keystore.path: elastic-certificates.p12
truststore.path: elastic-certificates.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
client_authentication: required
keystore.type: PKCS12
keystore.path: elastic-certificates.p12
truststore.type: PKCS12
truststore.path: elastic-certificates.p12
Did you set xpack.security.ssl.keystore.secure_password?
It's a secured setting.
If you did not, please read the complete guide at: Set up basic security for the Elastic Stack plus secured HTTPS traffic | Elasticsearch Guide [8.11] | Elastic
Yes, I have done that as well and could able to see the password and given the permissions as well.
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>elasticsearch-keystore list
keystore.seed
xpack.security.http.ssl.keystore.secure_password
xpack.security.http.ssl.truststore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>elasticsearch-keystore show xpack.security.http.ssl.keystore.secure_password
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>keytool -list -keystore "D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12"
Enter keystore password:
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 2 entries
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12 NT AUTHORITY\Authenticated Users:(F)
BUILTIN\Administrators:(I)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\Authenticated Users:(I)(M)
BUILTIN\Users:(I)(RX)
Successfully processed 1 files; Failed processing 0 files
Please don't format ALL the text with code format, but just the code part.
I'm editing your post.
I'm afraid I don't have enough knowledge on this topic to assist here. May be someone else will be able to answer.
My advice for now:
- Try to do the same thing using the latest 8.11 version
- Follow the guide step by step
- If anything goes wrong with one of the steps, please report it here
I did not check the list of bugs fixed since 8.9.0 but may be there's something related?
Sorry for making you trouble and will follow the above suggestion that you mentioned.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.