I have been repeatedly failing to figure out how to properly enable x-pack. There's a lot of guides out there, but I still feel like I'm missing something. I built a new test machine to try to simplify this but am still running into trouble, so I turn to here for assistance.
I'll reference this guide for example. https://www.elastic.co/blog/getting-started-with-elasticsearch-security
Firstly, my environment characteristics. Mine is a bit different than the guide, as I'm using CentOS 7. I'm testing this on a basic license. I went ahead and made sure that I'm updated to 7.5 so that I have the newest stuff.
I have downloaded Elasticsearch and Kibana via the repository.
I have cd to /usr/share/elasticsearch/ and run bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass "" as the author indicates. Maybe I chose the wrong working directory? I have added the lines suggested to /etc/elasticsearch/elasticsearch.yml. After this, the author suggests to start Elasticsearch, but it fails for me. I tried to change the paths of the Keystore and Truststore to a full static path but I still get errors.
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
I start Elasticsearch differently than the author, but I think it is not an issue: systemctl start elasticsearch. The output of journalctl -u elasticsearch.service reveals the following.
One thing I notice after applying the bash highlighting is line 93:
Dec 30 10:51:20 rnh01velk03.prd.nextraq.com elasticsearch[11254]: Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/usr/share/elasticsearch/config/elastic-certificates.p12" "read")
Is this because the file is not owned by elasticsearch?
In an attempt to answer this myself, while writing this, I tested changing the permissions on the elastic-certificates.p12 file to 777 for kicks, but the error persisted. I tried rebooting the system as well in case java held some cache of the file permissions, but this did not solve the problem either.
Anyways, I'm sure the brilliant minds here can find what I have missed. I must thank you in advance for your time!
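A diagnostic for the error quoted in the post, added here as an example and not part of the original post. It assumes that Elasticsearch's Java security manager only grants read access to files under its configuration directory (taken to be /etc/elasticsearch, where the post's elasticsearch.yml lives), a restriction that Unix file modes do not change. The function names and the `OUTSIDE_CONFIG_DIR` status are made up for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original post). Flags keystore/truststore
# settings whose file lies outside the Elasticsearch config directory.
# Handles flat "a.b.c: value" keys only; does not resolve ".." or symlinks.

# Constructed sample: the settings quoted in the post above.
sample_config() {
    cat <<'EOF'
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/elastic-certificates.p12
EOF
}

# check_ssl_paths YML CONF_DIR
# Prints "<status> <setting> <resolved path>" for each store path and
# returns 1 if any path is outside CONF_DIR.
check_ssl_paths() {
    local yml="$1" conf_dir="${2%/}" rc=0 line key value
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            xpack.security.*store.path:*) ;;
            *) continue ;;
        esac
        key=${line%%:*}
        # Trim whitespace and optional double quotes around the value.
        value=$(printf '%s\n' "${line#*:}" |
            sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/')
        # Relative paths are resolved against the config directory.
        case $value in
            /*) ;;
            *) value=$conf_dir/$value ;;
        esac
        case $value in
            "$conf_dir"/*) echo "OK $key $value" ;;
            *) echo "OUTSIDE_CONFIG_DIR $key $value"; rc=1 ;;
        esac
    done < "$yml"
    return "$rc"
}

# Demo run against the constructed sample; /etc/elasticsearch is an assumption.
demo_file=$(mktemp)
sample_config > "$demo_file"
check_ssl_paths "$demo_file" /etc/elasticsearch || true
rm -f "$demo_file"
```

On the sample, both store paths are reported as `OUTSIDE_CONFIG_DIR`, which matches the `java.io.FilePermission` denial in the journal even with the file mode set to 777.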