- Security settings in Elasticsearch | Elasticsearch Guide [8.15] | Elastic mentions that the default value of
xpack.security.http.ssl.enabled
isfalse
.
(Static) Used to enable or disable TLS/SSL on the HTTP networking layer, which Elasticsearch uses to communicate with other clients. The default is
false
.
- This statement does not seem to be in line with Docker Image. Assume there is a
docker-compose.yaml
file like this. I useDocker Engine 27.2.0
andDocker Compose 2.29.2
.
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:8.15.0
environment:
- ELASTIC_PASSWORD=es01Test
- discovery.type=single-node
- I then booted up and entered the interactive prompt for the container.
docker compose up -d
docker compose exec es01 /bin/bash
curl -u elastic:es01Test \
-X POST \
http://es01:9200/_security/user/kibana_system/_password \
-d '{"password":"'"kibanaTest"'"}' \
-H 'Content-Type: application/json'
- At this point, the Error Log is as follows.
elasticsearch@5d304b927c85:~$ curl -u elastic:es01Test \
> -X POST \
> http://es01:9200/_security/user/kibana_system/_password \
> -d '{"password":"'"kibanaTest"'"}' \
> -H 'Content-Type: application/json'
curl: (52) Empty reply from server
- Just execute
exit
anddocker compose down --volumes
to remove all containers. - If I explicitly set
xpack.security.http.ssl.enabled=false
indocker-compose.yml
,
services:
es01:
image: docker.elastic.co/elasticsearch/elasticsearch:8.15.0
environment:
- ELASTIC_PASSWORD=es01Test
- discovery.type=single-node
- xpack.security.http.ssl.enabled=false
- I then booted up and entered the interactive prompt for the container.
docker compose up -d
docker compose exec es01 /bin/bash
curl -u elastic:es01Test \
-X POST \
http://es01:9200/_security/user/kibana_system/_password \
-d '{"password":"'"kibanaTest"'"}' \
-H 'Content-Type: application/json'
- At this time, the exception
curl: (52) Empty reply from server
is no longer thrown.
elasticsearch@78f52664fc29:~$ curl -u elastic:es01Test \
> -X POST \
> http://es01:9200/_security/user/kibana_system/_password \
> -d '{"password":"'"kibanaTest"'"}' \
> -H 'Content-Type: application/json'
{}elasticsearch@78f52664fc29:~$
- Why is the default value of
xpack.security.http.ssl.enabled
in Elasticsearch's Docker Image set totrue
?