I'm on my second attempt at installing ES and Metricbeats to monitor the node (Ubuntu 22.04). I'm still unable to get Metricbeat to connect due to lack of the TLS key, which I can't locate.
Per the doc at Install Elasticsearch with Debian Package | Elasticsearch Guide [8.11] | Elastic :
Certificates and keys for TLS are generated for the transport and HTTP layer, and TLS is enabled and configured with these keys and certificates.
The password and certificate and keys are output to your terminal.
This is the entirety of the installation report:
# apt-get install elasticsearch
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following package was automatically installed and is no longer required:
libnuma1
Use 'apt autoremove' to remove it.
The following NEW packages will be installed:
elasticsearch
0 upgraded, 1 newly installed, 0 to remove and 7 not upgraded.
Need to get 631 MB of archives.
After this operation, 1317 MB of additional disk space will be used.
Get:1 https://artifacts.elastic.co/packages/8.x/apt stable/main amd64 elasticsearch amd64 8.11.3 [631 MB]
Fetched 631 MB in 17s (36.8 MB/s)
Selecting previously unselected package elasticsearch.
(Reading database ... 105179 files and directories currently installed.)
Preparing to unpack .../elasticsearch_8.11.3_amd64.deb ...
Creating elasticsearch group... OK
Creating elasticsearch user... OK
Unpacking elasticsearch (8.11.3) ...
Setting up elasticsearch (8.11.3) ...
--------------------------- Security autoconfiguration information ------------------------------
Authentication and authorization are enabled.
TLS for the transport and HTTP layers is enabled and configured.
The generated password for the elastic built-in superuser is : REDACTED
If this node should join an existing cluster, you can reconfigure this with
'/usr/share/elasticsearch/bin/elasticsearch-reconfigure-node --enrollment-token <token-here>'
after creating an enrollment token on your existing cluster.
You can complete the following actions at any time:
Reset the password of the elastic built-in superuser with
'/usr/share/elasticsearch/bin/elasticsearch-reset-password -u elastic'.
Generate an enrollment token for Kibana instances with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s kibana'.
Generate an enrollment token for Elasticsearch nodes with
'/usr/share/elasticsearch/bin/elasticsearch-create-enrollment-token -s node'.
-------------------------------------------------------------------------------------------------
### NOT starting on installation, please execute the following statements to configure elasticsearch service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable elasticsearch.service
### You can start elasticsearch service by executing
sudo systemctl start elasticsearch.service
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
I see all the other certs on the filesystem, but not the key. Am I missing something?