What do you enter as the "host" while deploying a 3 node cluster and using elasticsearch_certutil http

Shubh_Garg · July 16, 2021, 5:23am

I am having trouble getting the correct http certificate. I have deployed a 3 node cluster according to the config. mentioned in this elastic article - Encrypting communications in an Elasticsearch Docker Container | Elasticsearch Guide [7.13] | Elastic

The ssl/tls part here is done and it works fine. But now that I go for the Elastic Stack plus secured HTTPS traffic, i run the mentioned steps and do the necessary changes in the .yml file.
But on running the configuration i get the following errors:-

Two keystore can not exist. ( one for ssl, one for http)

then after removing ssl as the keystore and keeping the http key
2. error","savedobjects-service"],"pid":951,"message":"Unable to retrieve version information from Elasticsearch nodes.
The kibana does not work with the http key (the cluster works at 30 % red status)

My last question is about this article - Set up basic security for the Elastic Stack plus secured HTTPS traffic | Elasticsearch Guide [7.13] | Elastic

in step 2(h) what should i enter as hostname? Is it the node es01,es02,es03 ?
( for ref. to my .yml file Encrypting communications in an Elasticsearch Docker Container | Elasticsearch Guide [7.13] | Elastic)

Patrick_Mueller · July 28, 2021, 6:19pm

Hello Shubh!

I did a quick search on the keystore message you posted, and couldn't find anything. Was that the exact message that was logged? And if I had to guess, you probably need to use the ssl keystore and not the http one, but ... I'm not sure.

Regarding how to specify the elasticsearch host names in the Kibana config, this documentation show an example: Running the Elastic Stack on Docker | Getting Started [7.13] | Elastic

kib01:
    image: docker.elastic.co/kibana/kibana:7.13.4
    container_name: kib01
    ports:
      - 5601:5601
    environment:
      ELASTICSEARCH_URL: http://es01:9200
      ELASTICSEARCH_HOSTS: '["http://es01:9200","http://es02:9200","http://es03:9200"]'
    networks:
      - elastic

Presumably you'd use https://es01:9200, instead of with the http:// prefix ...

system · August 25, 2021, 6:19pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Unable to retrieve version information from Elasticsearch nodes. connect ECONNREFUSED 127.0.0.1:9200 Kibana elastic-stack-security , docker	1	7368	June 22, 2022
Can't connect to node (ECONNREFUSED) - Multi cluster setup Kibana elastic-stack-security , docker	2	238	February 16, 2023
Let's encrypt Elasticsearch elastic-stack-security	2	59	August 13, 2024
Kibana with elastic form docker compose setup problem Kibana docker	6	960	December 22, 2023
Kibana Failed to authenticate with host “https://<IP_Address>:9200”: “” Kibana elastic-stack-security , docker	4	630	March 30, 2024

What do you enter as the "host" while deploying a 3 node cluster and using elasticsearch_certutil http

Related Topics