is self explanatory.
is wrong, it should be
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/certs/node-1.p12
How ? What was the setting name ? Can you share the output of
bin/elasticsearch-keystore list
?
You can verify the password outside of elasticsearch running
openssl pkcs12 -in /etc/elasticsearch/certs/node-1.p12
it will prompt you for the password, so you can try and see if it is the password you think it is.