Implementing basic auth for basic license throwing error

Hi All,

Our cluster have 6 nodes(1 coordinating, 3 master+data, 2 data nodes). We have implemented basic auth in the coordinating node, as our kibana is calling only coordinating node and it is working fine.

However , we have received a new requirement , where we need to secure all the elasticsearch node. We tried to make one of our master+data node secure.

We enabled below properties.

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true

PS : our coordinating node was working with only one property enabled
xpack.security.enabled: true

After enabling property when we try to run elasticsearch-setup-password, it is throwing below error :

[master_not_discovered_exception] .

Can someone please suggest whether there is some different configuration for master+data and coordinating node and why is it mandatory to enable ssl layer as well for master+data node

You need to enable this on all nodes in the cluster, not just one at a time.

1 Like

These are the docs for setting up security.

Since you're running a multi-node production cluster, you will need to perform at least the "Basic security" steps.
If you're following those steps and running into issues, then please indicate which step you got to, and what went wrong.

Based on the settings you have listed as being configured, it doesn't look like you are following those steps, so please start there.

SSL is the mechanism that we use to ensure that only trusted nodes can connect to your cluster. Without that protection, your security is useless because anyone with access to your network could connect to port 9300 and pretend to be a node.

1 Like

Thanks @TimV and @warkolm I will try this and update on this thread

Now it is working thanks :slight_smile:

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.