Hello all.
For the past few days, I have been trying to add the correct certificates to our Elasticsearch and Kibana, but without success.
Long story short, this was not setup by me.
Neither I was aware of the certificates date until it expired.
The system was using the common certificates that were deployed with the installation I assume:
- http.p12
- transport.p12.
Now I'm trying to create my own certificates.
First step was following this documentation:
This way I was able to connect to Elasticsearch and get the JSON response on the browser.
Second step was where I started to have errors.
So after creating the http.p12 file, I started to have this error:
[2024-04-30T15:54:46,285][WARN ][o.e.h.AbstractHttpServerTransport] [Node Name] caught exception while handling client http traffic, closing connection Netty4HttpChannel{localAddress=/X.X.0.86:9200, remoteAddress=/X.X.X.X:XXXXX}
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate
These were the configurations:
- Generate a CSR? [y/N] N
- Use an existing CA? [y/N] Y
- For how long should your certificate be valid? [5y] 3Y
- node #1 name: [Same node name as in elasticsearch.yml]
- [Same node name].[MySite].com
- *[MySite].com
- X.X.0.86
Key Name: [Node]
Subject DN: CN=S[Node]
Key Size: 2048
Do you wish to change any of these options? [y/N]N
Generate additional certificates? [Y/n]n
After this I updated my elasticsearch.yml file with the following line and moved the http.p12 file to the configuration folder.
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
I also run this command:
./bin/elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password
I can't solve this error.
Any help?
What am I missing?
I have Kibana and Elasticsearch in the same server.
It was running before.
Elasticsearch version: 8.1.3
Kibana version: 8.1.3
Right now I'm only trying to run Elasticsearch.
Thanks.