I am trying to upgrade my Elastic Stack to 7.10.1 from 7.1.1 but facing some issues.
I already have 7.1.1 version setup with 3 docker nodes cluster which works fine.
I followed below to upgrade to 7.10.1 version with same 3 node setup:
However, I get below issues:
[root@809c1952c653 elasticsearch]# bin/elasticsearch-setup-passwords interactive
23:50:48.354 [main] WARN org.elasticsearch.common.ssl.DiagnosticTrustManager - failed to establish trust with server at [172.31.0.5]; the server provided a certificate with subject name [CN=es01] and fingerprint [5f37c2526693a265e2485a17e809480ef1c6431a]; the certificate has subject alternative names [DNS:localhost,IP:127.0.0.1,DNS:es01]; the certificate is issued by [CN=Elastic Certificate Tool Autogenerated CA] but the server did not provide a copy of the issuing certificate in the certificate chain; the issuing certificate with fingerprint [49a6202a696348d2c337fcc068d3d2cde83f30e3] is trusted in this ssl context ([xpack.security.http.ssl])
java.security.cert.CertificateException: No subject alternative names matching IP address 172.31.0.5 found
Followed https://www.elastic.co/guide/en/elasticsearch/reference/7.x/trb-security-setup.html but no luck.
crt has SAN entry:
openssl x509 -in es01/es01.crt -noout -text
X509v3 Subject Alternative Name:
DNS:localhost, IP Address:127.0.0.1, DNS:es01
Apart from this, when Kibana tries to connect, it gets:
Client network socket disconnected before secure TLS connection was established
also
["warning","elasticsearch","data"],"pid":6,"message":"No living connections"}
I also get logged out from Kibana randomly.
I guess, these issues are related.
Is there anything which I am missing? Similar configuration works for 7.1.1 with no such issues.
Any lead on this?