Struggling to get ES 8.6.2 to work (on W10)

This follows on from this question. I deliberately configured 8.6.2 to use port 9500.

I appear to have got 8.6.2 running on this W10 OS.

When I enter "https://localhost:9500" in my browser I am asked for a username and password.

Following the docs I tried this in a separate console (i.e. with the port 9500 ready and waiting):

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>elasticsearch-setup-passwords interactive

Unexpected response code [500] from calling GET http://127.0.0.1:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.

ERROR: X-Pack Security is disabled by configuration.

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>

Then I looked at the elasticsearch.yml file: I found these lines:

# Enable security features
xpack.security.enabled: true

xpack.security.enrollment.enabled: true

# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
  enabled: true
  keystore.path: certs/http.p12

# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
  enabled: true
  verification_mode: certificate
  keystore.path: certs/transport.p12
  truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["node862-1"]

# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0

... looks like "xpack" should be good to go. If not, what do I have to do?

I found this previous question.

I tried this in a separate console (i.e. with the port 9500 ready and waiting):

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>elasticsearch-reset-password -u elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y [<--- y, Return pressed]

ERROR: Failed to reset password for the [elastic] user

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>

I have found others struggling with this strong security thing on ES 8. Maybe it should be more clearly documented?

What should I do? Please bear in mind that I don't have Kibana or Docker installed, and don't in fact know anything about these apps. Also that this is a WINDOWS box.

FWIW. Having got the impression that Kibana appears to be important for managing ES 8, I downloaded, unzipped and tried to run it. Didn't work, probably because looking at port 9200. To my astonishment the commented-out line in kibana.yml for Kibana 8.6.2, for "elasticsearch.hosts", uses "http", not "https". Surely this must be a mistake.

I tried this uncommented line:
elasticsearch.hosts: ["http://localhost:9500"]
... rubbish.

I then tried this uncommented line:
elasticsearch.hosts: ["https://localhost:9500"]
... made slightly more sense. Ended with this error:
[2023-03-05T10:50:52.244+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. self signed certificate in certificate chain

Hah. Got it.

I'll put this here in case it's useful for a future user.

Once again (as in the referenced question) I had to set a session-based environment variable:
>set ES_PATH_CONF=D:/apps/ElasticSearch/elasticsearch-8.6.2/config

Then:

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>elasticsearch-reset-password -u elastic interactive
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y

Password for the [elastic] user successfully reset.
New value: YwP0X1n0Ym5KwOpXfojG

D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>

... then got to the "you know, for search" at https://localhost:9500. Hurrah.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.