X-pack licence warning

vinod_hy · June 19, 2017, 6:31am

#
# License [will expire] on [Friday, July 14, 2017]. If you have a new license, please update it.
# Otherwise, please reach out to your support contact.
# 
# Commercial plugins operate with reduced functionality on license expiration:
# - security
#  - Cluster health, cluster stats and indices stats operations are blocked
#  - All data operations (read and write) continue to work
# - watcher
#  - PUT / GET watch APIs are disabled, DELETE watch API continues to work
#  - Watches execute and write to the history
#  - The actions of the watches don't execute
# - monitoring
#  - The agent will stop collecting cluster and indices metrics
#  - The agent will stop automatically cleaning indices older than [xpack.monitoring.history.duration]
# - graph
#  - Graph explore APIs are disabled
# - ml
#  - Machine learning APIs are disabled
[2017-06-19T11:51:57,806][WARN ][o.e.l.LicenseService     ] [2rjebRN]

Hi all,

i am getting the above warning. It says that licence will expire on july 14th.. But i see my SSL authentication is not working well. Can you please tell me is my x-pack security feature is disabled now.

Elasticsearch is up on,
https://132.186.102.153:9200/

but kibana and logstash are unable to connect. The setup was working for me on last friday. But since today morning, i am not able to connect to elasticsearch both from logstash and kibana.

i get the below error in logstash,

:Outputs::ElasticSearch::HttpClient::Pool::HostUnreachableError, :error=>"Elasticsearch Unreachable: [https://elastic:xxxxxx@132.186.102.153:9200/][Manticore::ClientProtocolException] KeyUsage does not allow digi
tal signatures"}

TimV · June 19, 2017, 6:41am

No, since your license has not expired yet, no features have been disabled (*)

(*) If the date/time on your server is wrong, then it's possible that the license will expire before it's intended to. But that's unlikely to be the case here.

The SSL problems you seem to be experiencing should not be due to license expiry, but I can't really tell you what the problem could be without more details.

Based on the error from logstash, it looks like the certificate you're using on your elasticsearch isn't valid for that purpose, but that's just guesswork from 1 error message.

vinod_hy · June 19, 2017, 7:18am

@TimV,

Hi Tim,
I am using new certificates now. The error is gone now. But i dont see logs coming to logstash from filebeat now.
I get connection refused error,
2017/06/19 07:13:04.870474 single.go:140: ERR Connecting error publishing events (retrying): dial tcp 127.0.0.1:5043: connectex: No connection could be made because the target machine actively refused it.

vinod_hy · June 19, 2017, 7:22am

@TimV,

What should be the format of the certificate in the output filter of logstash.conf.
output {
elasticsearch {
hosts => ["132.186.102.153:9200"]
user => "elastic"
password => "changeme"
ssl => true
cacert => "D:/Softwares/ELK/elasticsearch-5.4.0/elasticsearch-5.4.0/config/x-pack/ELK_SSL_Certificates/testca/cacert.cer"
}
stdout { codec => rubydebug }
}

it should be .pem or .cer or ,crt. I tried all. Nothing works.

Please help me

Topic		Replies	Views
LS-ES connection issue Logstash elastic-stack-security	18	4608	March 25, 2019
Logstash failing after installing x-pack, elastic stack 6 Logstash	3	3178	February 7, 2018
Current license is non-compliant for [security] Elasticsearch	4	15269	August 1, 2018
X-pack not working on new ELK stack Elasticsearch	13	6155	November 23, 2017
Unknown SSL protocol error after activating trial license Elasticsearch elastic-stack-security	8	2954	February 4, 2020

X-pack licence warning

Related topics