This follows on from this question. I deliberately configured 8.6.2 to use port 9500.
I appear to have got 8.6.2 running on this W10 OS.
When I enter "https://localhost:9500" in my browser I am asked for a username and password.
Following the docs I tried this in a separate console (i.e. with the port 9500 ready and waiting):
D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>elasticsearch-setup-passwords interactive
Unexpected response code [500] from calling GET http://127.0.0.1:9200/_security/_authenticate?pretty
It doesn't look like the X-Pack security feature is enabled on this Elasticsearch node.
Please check if you have enabled X-Pack security in your elasticsearch.yml configuration file.
ERROR: X-Pack Security is disabled by configuration.
D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>
Then I looked at the elasticsearch.yml file: I found these lines:
# Enable security features
xpack.security.enabled: true
xpack.security.enrollment.enabled: true
# Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents
xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12
# Enable encryption and mutual authentication between cluster nodes
xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12
# Create a new cluster with the current node only
# Additional nodes can still join the cluster later
cluster.initial_master_nodes: ["node862-1"]
# Allow HTTP API connections from anywhere
# Connections are encrypted and require user authentication
http.host: 0.0.0.0
... looks like "xpack" should be good to go. If not, what do I have to do?
I found this previous question.
I tried this in a separate console (i.e. with the port 9500 ready and waiting):
D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>elasticsearch-reset-password -u elastic
This tool will reset the password of the [elastic] user to an autogenerated value.
The password will be printed in the console.
Please confirm that you would like to continue [y/N]y [<--- y, Return pressed]
ERROR: Failed to reset password for the [elastic] user
D:\apps\ElasticSearch\elasticsearch-8.6.2\bin>
I have found others struggling with this strong security thing on ES 8. Maybe it should be more clearly documented?
What should I do? Please bear in mind that I don't have Kibana or Docker installed, and don't in fact know anything about these apps. Also that this is a WINDOWS box.
FWIW. Having got the impression that Kibana appears to be important for managing ES 8, I downloaded, unzipped and tried to run it. Didn't work, probably because looking at port 9200. To my astonishment the commented-out line in kibana.yml for Kibana 8.6.2, for "elasticsearch.hosts", uses "http", not "https". Surely this must be a mistake.
I tried this uncommented line:
elasticsearch.hosts: ["http://localhost:9500"]
... rubbish.
I then tried this uncommented line:
elasticsearch.hosts: ["https://localhost:9500"]
... made slightly more sense. Ended with this error:
[2023-03-05T10:50:52.244+00:00][ERROR][elasticsearch-service] Unable to retrieve version information from Elasticsearch nodes. self signed certificate in certificate chain