ES version: 7.12
I'm getting this error...any help is really appreciated.
"Caused by: javax.net.ssl.SSLHandshakeException: Empty server certificate chain",
"at sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?]",
"at sun.security.ssl.Alert.createSSLException(Alert.java:117) ~[?:?]",
Below are my setting
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.supported_protocols: TLSv1.2
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/chain-test-rp-search.pfx
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/chain-test-rp-search.pfx
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.client_authentication: optional
xpack.security.http.ssl.verification_mode: certificate
xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/chain-test-rp-search-data.pfx
xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/chain-test-rp-search-data.pfx
Below is how I make pfx
openssl pkcs12 -export -out chain-test-rp-search.pfx -inkey test-rp-search.key.pem -in test-rp-search.cert.pem -chain -CAfile chain-test-rp-search.cert.pem -name chain-test-rp-search -passout pass:
openssl pkcs12 -export -out chain-test-rp-search-data.pfx -inkey test-rp-search-data.key.pem -in test-rp-search-data.cert.pem -chain -CAfile chain-test-rp-search.cert.pem -name chain-test-rp-search-data -passout pass: