[2023-12-15T12:36:37,084][ERROR][o.e.b.Elasticsearch ] [LAPTOP-ECGDD83N] fatal exception while booting Elasticsearchorg.elasticsearch.ElasticsearchSecurityException: failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured [PKCS12] keystore [D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12] - this is usually caused by an incorrect password
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.lambda$loadSslConfigurations$11(SSLService.java:617)
at java.base/java.util.HashMap.forEach(HashMap.java:1429)
at java.base/java.util.Collections$UnmodifiableMap.forEach(Collections.java:1553)
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.loadSslConfigurations(SSLService.java:613)
at org.elasticsearch.xcore@8.9.0/org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:159)
See logs for more details.
ERROR: Elasticsearch did not exit normally - check the logs at D:\Internship_task\elasticsearch\elasticsearch-8.9.0\logs\rivan.log
ERROR: Elasticsearch exited unexpectedly
Did you read the error message?
failed to load SSL configuration [xpack.security.transport.ssl] - cannot read configured [PKCS12] keystore [D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12] - this is usually caused by an incorrect password
BTW use 8.11. It's more recent and contains a lot of bug fixes.
Could you please explain me
this is my , elasticsearch.yml
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
enabled: true
verification_mode: certificate
keystore.type: PKCS12
keystore.path: elastic-certificates.p12
truststore.path: elastic-certificates.p12
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
client_authentication: required
keystore.type: PKCS12
keystore.path: elastic-certificates.p12
truststore.type: PKCS12
truststore.path: elastic-certificates.p12
Did you set xpack.security.ssl.keystore.secure_password?
It's a secured setting.
If you did not, please read the complete guide at: Set up basic security for the Elastic Stack plus secured HTTPS traffic | Elasticsearch Guide [8.11] | Elastic
Yes, I have done that as well and could able to see the password and given the permissions as well.
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>elasticsearch-keystore list
keystore.seed
xpack.security.http.ssl.keystore.secure_password
xpack.security.http.ssl.truststore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>elasticsearch-keystore show xpack.security.http.ssl.keystore.secure_password
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\bin>keytool -list -keystore "D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12"
Enter keystore password:
Keystore type: PKCS12
Keystore provider: SUN
Your keystore contains 2 entries
D:\Internship_task\elasticsearch\elasticsearch-8.9.0\config\elastic-certificates.p12 NT AUTHORITY\Authenticated Users:(F)
BUILTIN\Administrators:(I)(F)
NT AUTHORITY\SYSTEM:(I)(F)
NT AUTHORITY\Authenticated Users:(I)(M)
BUILTIN\Users:(I)(RX)
Successfully processed 1 files; Failed processing 0 files
Please don't format ALL the text with code format, but just the code part.
I'm editing your post.
I'm afraid I don't have enough knowledge on this topic to assist here. May be someone else will be able to answer.
My advice for now:
- Try to do the same thing using the latest 8.11 version
- Follow the guide step by step
- If anything goes wrong with one of the steps, please report it here
I did not check the list of bugs fixed since 8.9.0 but may be there's something related?
Sorry for making you trouble and will follow the above suggestion that you mentioned.