Hi,
I'm trying to configure shield with PKI user authentication.
SSL seems to be configured and working properly (e.g. I can query over https).
When I configure a realm chain with PKI it appears that a client certificate is not requested during the SSL handshake. Any idea what might be causing it?
This is my elasticsearch.yml:
script.engine.groovy.inline.aggs: on
shield.ssl.keystore.path: C:\elasticsearch-2.3.3\elasticsearch-2.3.3\config\shield\keyStore.jks
shield.ssl.keystore.password: password
shield.ssl.truststore.path: C:\elasticsearch-2.3.3\elasticsearch-2.3.3\config\shield\keyStore.jks
shield.ssl.truststore.password: password
shield.transport.ssl : true
shield.http.ssl: true
shield.authc:
realms:
pki1:
type: pki
username_pattern: CN=(.*?)(?:,|$)
Thanks,
Elad