Getting java.nio.file.NoSuchFileException while starting ES

Hello,

I am getting below error while starting ES service after enabling the TLS. I have performed below steps:

  1. created a CA certificate.
    bin/elasticsearch-certutil ca/

  2. Added the certificate password into keystore.

bin/elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password

bin/elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password`

Here is the elasticsearch.yml file:

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12

Error log :

Caused by: java.nio.file.NoSuchFileException: /etc/elasticsearch/elastic-certificates.p12
        at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86) ~[?:?]
        at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102) ~[?:?]
        at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107) ~[?:?]
        at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214) ~[?:?]
        at java.nio.file.Files.newByteChannel(Files.java:361) ~[?:1.8.0_252]
        at java.nio.file.Files.newByteChannel(Files.java:407) ~[?:1.8.0_252]
        at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384) ~[?:1.8.0_252]
        at java.nio.file.Files.newInputStream(Files.java:152) ~[?:1.8.0_252]
        at org.elasticsearch.xpack.core.ssl.TrustConfig.getStore(TrustConfig.java:95) ~[?:?]
        at org.elasticsearch.xpack.core.ssl.StoreTrustConfig.createTrustManager(StoreTrustConfig.java:65) ~[?:?]
        at org.elasticsearch.xpack.core.ssl.SSLService.createSslContext(SSLService.java:427) ~[?:?]
        at java.util.HashMap.computeIfAbsent(HashMap.java:1127) ~[?:1.8.0_252]
        at org.elasticsearch.xpack.core.ssl.SSLService.loadConfiguration(SSLService.java:521) ~[?:?]
        at org.elasticsearch.xpack.core.ssl.SSLService.loadSSLConfigurations(SSLService.java:501) ~[?:?]
        at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:142) ~[?:?]
        at org.elasticsearch.xpack.core.ssl.SSLService.<init>(SSLService.java:130) ~[?:?]
        at org.elasticsearch.xpack.core.XPackPlugin.createComponents(XPackPlugin.java:260) ~[?:?]
        at org.elasticsearch.node.Node.lambda$new$11(Node.java:478) ~[elasticsearch-7.7.0.jar:7.7.0]
        at java.util.stream.ReferencePipeline$7$1.accept(ReferencePipeline.java:269) ~[?:1.8.0_252]
        at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1382) ~[?:1.8.0_252]
        at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:482) ~[?:1.8.0_252]
        at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472) ~[?:1.8.0_252]
        at java.util.stream.ReduceOps$ReduceOp.evaluateSequential(ReduceOps.java:708) ~[?:1.8.0_252]
        at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:1.8.0_252]
        at java.util.stream.ReferencePipeline.collect(ReferencePipeline.java:566) ~[?:1.8.0_252]
        at org.elasticsearch.node.Node.<init>(Node.java:481) ~[elasticsearch-7.7.0.jar:7.7.0]
        at org.elasticsearch.node.Node.<init>(Node.java:264) ~[elasticsearch-7.7.0.jar:7.7.0]
        at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:227) ~[elasticsearch-7.7.0.jar:7.7.0]
        at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:227) ~[elasticsearch-7.7.0.jar:7.7.0]
        at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:393) ~[elasticsearch-7.7.0.jar:7.7.0]
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:170) ~[elasticsearch-7.7.0.jar:7.7.0]
        ... 6 more

Certificate file is into the conf directory (/etc/elasticsearch/)

Any help would be highly appreciated.

Thanks,
Bijender

This doesn't appear to be the case. What's the output of

ls -la /etc/elasticsearch

here is the output

[root@anddevelastic03 ~]# ls -la /etc/elasticsearch
total 64
drwxr-s---    3 root elasticsearch  4096 Jun  8 07:26 .
drwxr-xr-x. 106 root root           8192 May 27 15:31 ..
-rw-rw----    1 root elasticsearch   335 Jun  8 07:25 elasticsearch.keystore
-rw-r--r--    1 root elasticsearch    76 May 19 13:48 .elasticsearch.keystore.initial_md5sum
-rw-rw----    1 root elasticsearch  3302 Jun  8 07:26 elasticsearch.yml
-rwxrwxrwx    1 root elasticsearch  2527 Jun  8 07:23 elastic-stack-ca.p12
-rw-rw----    1 root elasticsearch  2373 May 20 07:31 jvm.options
drwxr-s---    2 root elasticsearch     6 May 11 22:10 jvm.options.d
-rw-rw----    1 root elasticsearch 17419 May 11 22:06 log4j2.properties
-rw-rw----    1 root elasticsearch   473 May 11 22:06 role_mapping.yml
-rw-rw----    1 root elasticsearch   197 May 11 22:06 roles.yml
-rw-rw----    1 root elasticsearch     0 May 11 22:06 users
-rw-rw----    1 root elasticsearch     0 May 11 22:06 users_roles

Well as you can see for yourself elastic-certificates.p12 is not there, and this is why you get an error

Thanks, I miss typed this into the yml file.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.