No handler found

edgarmat1964 · July 4, 2024, 2:01pm

Hi list,

I've got an issue where I get a "no handler found" error. I've started a trial license which is still active. My relevant elasticsearch.yml:

path.data: /data/elasticsearch
path.logs: /var/log/elasticsearch
network.host: 0.0.0.0
discovery.seed_hosts: ["0.0.0.0"]
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12
  client_authentication: optional
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
cluster.initial_master_nodes: ["elastic8.edgar-matzinger.nl"]
http.host: 0.0.0.0
xpack.security.authc.realms.pki.pki1.order: 1

I've created a PKI client certificate and this gives the following error:

{"error":{"root_cause":[{"type":"security_exception","reason":"action
[cluster:monitor/main] is unauthorized for user [edgarm] with
effective roles [], this action is granted by the cluster privileges [monitor,manage,all]"}],"type":"security_exception",
"reason":"action [cluster:monitor/main] is unauthorized for
user [edgarm] with effective roles [], this action is granted by
the cluster privileges [monitor,manage,all]"},"status":403}

And when I try to add some roles to the user (using DevTools in kibana):

PUT _xpack/security/role_mapping/kibana_certificate_authorization
{
  "roles" : [ "superuser" ],
  "rules" : { "field" : { "dn" : "CN=edgarm,OU=Thuis,DC=edgar-matzinger,DC=nl" } },
  "enabled": true
}

I get this error:

{
  "error": "no handler found for uri [/_xpack/security/role_mapping/kibana_certificate_authorization?pretty=true] and method [PUT]"
}

And there is no error message regarding this in elasticsearch.log

When I run this command in a CLI:

curl https://localhost:9200/_xpack/security/'_authenticate?pretty' --key edgarm.key --cert edgarm.crt --cacert edgarm-ca.crt -k -v

It gives me this:

{
  "error" : "no handler found for uri [/_xpack/security/_authenticate?pretty] and method [GET]"
}

And I have no clue where to look now...

Kind regards, Edgar Matzinger.

TimV · July 5, 2024, 7:22am

It looks like you're following some very old docs that don't match your version of Elasticsearch.

As best I can tell you're running Elasticsearch 8, but the /_xpack/security paths are only valid for Elasticsearch 7.

You need to follow the docs that match the version of Elasticsearch you are running. In this case you want /_security/role_mapping/

Create or update role mappings API | Elasticsearch Guide [8.14] | Elastic

edgarmat1964 · July 5, 2024, 7:32pm

You're correct and I misread your mail.