Mutual tls/ssl on elasticsearch

ikakavas · October 20, 2020, 11:35am

Server sends

*** CertificateRequest

and client replies with the certificate

*** Certificate chain
chain [0] = [
[
  Version: V3
  Subject: CN=instance
  Signature Algorithm: SHA256withRSA, OID = 1.2.840.113549.1.1.11
  ....

and server trusts it

***
Found trusted certificate:

That shows that your client is still sending the certificate so we should focus on this.

I unfortunately have no other ideas about winSSL/schannel and why it automatically picks up the certificate, or how you'd stop it from doing so.

Topic		Replies	Views
Mutual tls/ssl on elasticsearch Elasticsearch elastic-stack-security	25	7334	October 8, 2019
[x-pack] enabled: Unable to communicate to Elasticsearch using only cacert from client machines Elasticsearch elastic-stack-security	19	3298	September 6, 2019
Elasticsearch SSL/TLS PKI realm setup Elasticsearch elastic-stack-security	14	2041	April 6, 2021
Verify PKI enabling in elastic nodes Elasticsearch elastic-stack-security	22	4449	March 6, 2019
Testing TLS/SSL secured elastic cluster Elasticsearch elastic-stack-security	32	6000	December 8, 2020