I have Elasticsearch 7.17.
Following the generation of new SSL certificates, I have created a new keystore via the command
and I'm trying to add the CA certificate to it:
keytool -importcert -trustcacerts -noprompt -keystore /etc/elasticsearch/elasticsearch.keystore -file /etc/elasticsearch/certs/ca.crt
However, I get the following error:
keytool error: java.io.IOException: Invalid keystore format
I have converted the CA cert into PKCS12 and tried to import it in such format (ca.p12), since the keystore is defined as of type PKCS12 in /etc/elasticsearch/elasticsearch.yml, but I get the same error.
What's wrong? Thanks in advance.
Excerpts of the /etc/elasticsearch/elasticsearch.yml file: