SSL error while setting up passwords

rajat_badjatya · December 19, 2019, 3:23pm

I have followed this elastic blog for configuring SSL in the elastic stack and tried using verification mode as certificate as well as none in elastic's configuration YAML but when I am trying to set up a password using xpack I am getting this error

SSL connection to https://192.168.236.98:9200/_security/_authenticate?pretty failed: No subject alternative names matching IP address 192.168.236.98 found
Please check the elasticsearch SSL settings under xpack.security.http.ssl.

The IP mentioned in the above error is my master pod IP. While generating ther certs I have given service dns name but xpack utiilty elasticsearch-setup-passwords is looking for pod IP instead of service DNS(elasticsearch-master.elk.svc.cluster.local).

I would be glad if someone could guide me and answer my following queries:

How can I add pod IP in Subject Alternative Names as pod IP is not known before the deployment?
Why verification mode none is not working as mentioned in the documentation:

none , which performs no verification of the server’s certificate.

TimV · December 20, 2019, 6:19am

Please provide a copy of your elasticsearch configuration.
The more guesses we have to make, the less likely it is that we will give you the correct answer.

system · January 17, 2020, 6:19am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to run set-password in 6.1 Elasticsearch	6	2273	March 2, 2018
Elastic password generate error Elasticsearch elastic-stack-security	3	960	November 7, 2022
SSL Connection fail on Elastic 7.8.0 in Docker Container Elasticsearch elastic-stack-security , docker	3	3215	July 23, 2020
Unable to set passwords in elasticsearch with xpack Elasticsearch elastic-stack-security	10	5546	May 2, 2019
Elasticsearch TLS with Wildcard SAN Elasticsearch	13	3814	September 12, 2018

SSL error while setting up passwords

Related topics