Username/password prompt 8.3.0

GrahamMarval · June 29, 2022, 4:09pm

I apologise if this is the wrong place (and a daft question) but I have a question regarding ElasticSearch 8.3.0 and user password.

In previous versions, once I have installed the ElasticSearch service ("elasticsearch-service install" and ingest attachment, I could then go to localhost:9200 and download/view the JSON file with no issues.

Since installing 8.3.0, I am getting prompted for a username/password. Has something changed now so a username/password is required? If so, what username/password is it looking for? Have I missed a step in the install?

Thank you for your time.

stephenb · June 29, 2022, 4:33pm

Hi @GrahamMarval Welcome to the community and thanks for try 8.3.0

YES Elasticsearch is secure by default now and so yes there is a password and the endpoints are secured via SSL with Self Signed Certs

There is / was a blog on this here

And here are the docs on it

when you installed on the console you would have seen something like this...


━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ Elasticsearch security features have been automatically configured!
✅ Authentication is enabled and cluster connections are encrypted.

ℹ️  Password for the elastic user (reset with `bin/elasticsearch-reset-password -u elastic`):
  P3XkuBjB30EpSqas8ZV5

ℹ️  HTTP CA certificate SHA-256 fingerprint:
  ec6a75c66e0952b695782dbea399b26cdea2714172e0655b48ec4805321c1d45

ℹ️  Configure Kibana to use this cluster:
• Run Kibana and click the configuration link in the terminal when Kibana starts.
• Copy the following enrollment token and paste it into Kibana in your browser (valid for the next 30 minutes):
  eyJ2ZXIiOiI4LjIuMyIsImFkciI6WyIxOTIuMTY4LjIuMTA3OjkyMDAiXSwiZmdyIjoiZWM2YTc1YzY2ZTA5NTJiNjk1NzgyZGJlYTM5OWIyNmNkZWEyNzE0MTcyZTA2NTViNDhlYzQ4MDUzMjFjMWQ0NSIsImtleSI6Il9vV1lvSUVCN1dqdWN6aHlpNTExOnhWbGVGTlNyUVkyRzFtNnJtdUJmVXcifQ==
  
ℹ️  Configure other nodes to join this cluster:
• On this node:
  ⁃ Create an enrollment token with `bin/elasticsearch-create-enrollment-token -s node`.
  ⁃ Uncomment the transport.host setting at the end of config/elasticsearch.yml.
  ⁃ Restart Elasticsearch.
• On other nodes:
  ⁃ Start Elasticsearch with `bin/elasticsearch --enrollment-token <token>`, using the enrollment token that you generated.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

now your curl would look like

curl --cacert config/certs/http_ca.crt -u "elastic:password" https://localhost:9200

or if you want to ingnore the ca check

curl --insecure -u "elastic:password" https://localhost:9200

GrahamMarval · June 29, 2022, 4:41pm

Hi @stephenb

Thank you for clarifying. I knew I'd missed something in the install lol

system · July 27, 2022, 4:41pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.