SETING UP SSL to ELASTIC 2.2

security

(Divic) #1

Hello I am trying to use shield with elastic 2.2.0
I installed shield/license plugins setup new user and I was able to search elastic,
I wanted to setup SSL/TLS
I followed instruction provided here : https://www.elastic.co/guide/en/shield/2.2/ssl-tls.html

I created self signed certificate https://www.elastic.co/guide/en/shield/2.2/certificate-authority.html

added options to elasticsearch.yaml

after restarting elasticsearach I see errors in log file

[2016-06-02 08:52:58,733][ERROR][shield.transport.netty ] [Tremolo] SSL/TLS handshake failed, closing channel: General SSLEngine problem

passwords are correct I tried to do keytool list and password was correct
Not sure what I am missing, is it generating certificate or elasticsearch.yml configuration


(Divic) #2

I got it work in the end my problem was elasticsearch.yml configuration
haven't set up network config properly
elastic was publishing localhost address and in my cert I provided local ip of my virtual machine (192.168.21.108)
I added to config/elastsicsearch.yml
network.bind_host: 192.168.21.108
network.publish_host: 192.168.21.108


(system) #3