We have installed elasticsearch 6.4 and working fine.But when we are are trying to install search-Guard with keystore certs on same node we facing below issue.
sudo chmod +x ./sgadmin.sh && sudo ./sgadmin.sh -h ...[IP address] -cd ../sgconfig -cn abc -ts /etc/elasticsearch/truststore.jks -tspass ***** tsalias truststore -ks /etc/elasticsearch/keystore.jks -kspass ***** -nhnv
[INFO ][o.e.h.n.Netty4HttpServerTransport] [node-1] publish_address {127.0.0.1:9200}, bound_addresses {127.0.0.1:9200}
[INFO ][o.e.n.Node ] [node-1] started
[INFO ][c.f.s.SearchGuardPlugin ] 0 Search Guard modules loaded so far:
[INFO ][o.e.l.LicenseService ] [node-1] license [**********************] mode [basic] - valid
[INFO ][o.e.g.GatewayService ] [node-1] recovered [0] indices into cluster_state
[WARN ][o.e.t.n.Netty4Transport ] [node-1] exception caught on transport layer [NettyTcpChannel{localAddress=/127.0.0.1:9300, remoteAddress=/127.0.0.1:48096}], closing connection
io.netty.handler.codec.DecoderException: java.io.StreamCorruptedException: invalid internal transport message format, got (16,3,3,0)
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:459) ~[netty-codec-4.1.16.Final.jar:4.1.16.Final]
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265) ~[netty-codec-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.handler.logging.LoggingHandler.channelRead(LoggingHandler.java:241) [netty-handler-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:340) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1359) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:348) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:935) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:134) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:645) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeysPlain(NioEventLoop.java:545) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:499) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:459) [netty-transport-4.1.16.Final.jar:4.1.16.Final]
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858) [netty-common-4.1.16.Final.jar:4.1.16.Final]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_191]
Caused by: java.io.StreamCorruptedException: invalid internal transport message format, got (16,3,3,0)
at org.elasticsearch.transport.TcpTransport.validateMessageHeader(TcpTransport.java:1327) ~[elasticsearch-6.4.0.jar:6.4.0]
elasticsearch.yml
cluster.name: ABC
node.name: node-0
node.master: false
node.data: false
node.ingest: false
search.remote.connect: false
discovery.zen.ping.unicast.hosts: ["localhost IP"]
searchguard.disabled: true
xpack.security.enabled: false
#searchguard.ssl.http.enabled: false
---------------------------------- Search Guard SSL ----------------------------
searchguard.ssl.transport.enabled: true
searchguard.ssl.transport.keystore_filepath: /etc/elasticsearch/keystore.jks
searchguard.ssl.transport.keystore_alias: elasticsearch
searchguard.ssl.transport.keystore_password: *********
searchguard.ssl.transport.truststore_filepath: /etc/elasticsearch/truststore.jks
searchguard.ssl.transport.truststore_alias: truststore
searchguard.ssl.transport.truststore_password: *********
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.transport.resolve_hostname: false
---------------------------------- HTTP/REST layer SSL ----------------------------
searchguard.ssl.http.enabled: true
searchguard.ssl.http.keystore_filepath: /etc/elasticsearch/keystore.jks
searchguard.ssl.http.keystore_alias: elasticsearch
searchguard.ssl.http.keystore_password: *********
searchguard.ssl.http.truststore_filepath: /etc/elasticsearch/truststore.jks
searchguard.ssl.http.truststore_alias: truststore
searchguard.ssl.http.truststore_password: *********
searchguard.nodes_dn:
- "CN=*********, OU=*********, O=*********, L=*********, ST=*********, C=*********"
searchguard.authcz.admin_dn: - "CN=*********, OU=*********, O=*********, L=*********, ST=*********, C=*********"