What causes a "empty server certificate chain"

maxg1 · April 6, 2020, 10:03am

Hello,

i want to configure one elasticsearch-node to communicate via https and i am using the following parameters:

legend:
(xpack.security) = xs

xs.enabled: true
xs.transport.ssl.enabled: true
xs.transport.ssl.verification_mode: certificate
xs.transport.ssl.keystore.path:
xs.transport.ssl.truststore.path:
xs.http.ssl.enabled: true
xs.http.ssl.keystore.path:
xs.http.ssl.truststore.path:

With the correct certificates added to the keystores for full-trust, i get: exception thrown in transport layer "empty server certificate chain" thrown.

Does anybody know what could went wrong here?

Thank you!

maxg1 · April 6, 2020, 10:04am

the path parameters have been referenced according to the keystores path.

ikakavas · April 6, 2020, 10:21am

Hi there @maxg1!

Please share your entire configuration, there should be nothing sensitive in the paths of the files and do not make random substitutions as it is really hard to read this and we can't never be sure if something is wrong because it is wrong or because you tried to substitute it.

Also, please share the whole exception from the logs rather your interpretation of it, it will make it so much easier for folks that want to assist you to actually do so !

system · May 4, 2020, 10:21am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
SSL Handshake Exception: Empty Client Certificate Chain Elasticsearch elastic-stack-security	1	826	June 28, 2024
Let's encrypt Elasticsearch elastic-stack-security	2	59	August 13, 2024
Enabling TLS - NotSslRecordException Elasticsearch elastic-stack-security	3	4459	July 23, 2019
Secure connection on HTTP layer Elasticsearch elastic-stack-security	14	7040	September 3, 2019
Elasticsearch 'xpack.security.transport.ssl' related error after upgrade to 8.x Elasticsearch	0	21	September 11, 2024

What causes a "empty server certificate chain"

Related Topics