Can not running with the search guard 2

Search Guard
1

I have an elasticsearch cluster with single nodes

es:2.3.3
search-guard2:2``.3.3.0-rc1

search-guard-ssl:2.3.3.13

java:1.8.0_91

OS:windows10

He re is my conf file:
`node.local: true
security.manager.enabled: true
searchguard.authcz.admin_dn:

  • “CN=kirk,OU=client,O=client,l=tEst, C=De”
    searchguard.audit.type: internal_elasticsearch
    searchguard.ssl.transport.enabled: true
    searchguard.ssl.transport.keystore_type: JKS
    searchguard.ssl.transport.keystore_filepath: node-1-keystore.jks
    searchguard.ssl.transport.truststore_type: JKS
    searchguard.ssl.transport.truststore_filepath: truststore.jks
    searchguard.ssl.transport.truststore_password: changeit
    searchguard.ssl.transport.enforce_hostname_verification: true
    searchguard.ssl.transport.resolve_hostname: true
    searchguard.ssl.transport.enable_openssl_if_available: false

`

when I connect to es ,i got the errors follows:

[2016-07-17 21:59:11,147][WARN ][com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport] [Killraven] exception caught on transport layer [[id: 0x8b9d4878, /127.0.0.1:4297 => /127.0.0.1:9300]], closing connection

java.io.IOException: 遠端主機已強制關閉一個現存的連線。

at sun.nio.ch.SocketDispatcher.write0(Native Method)

at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:51)

at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)

at sun.nio.ch.IOUtil.write(IOUtil.java:51)

at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:471)

at org.jboss.netty.channel.socket.nio.SocketSendBufferPool$UnpooledSendBuffer.transferTo(SocketSendBufferPool.java:203)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.write0(AbstractNioWorker.java:201)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.writeFromUserCode(AbstractNioWorker.java:146)

at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.handleAcceptedSocket(NioServerSocketPipelineSink.java:99)

at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.eventSunk(NioServerSocketPipelineSink.java:36)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:779)

at org.jboss.netty.channel.Channels.write(Channels.java:725)

at org.jboss.netty.channel.Channels.write(Channels.java:686)

at org.jboss.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:1110)

at org.jboss.netty.handler.ssl.SslHandler.closeOutboundAndChannel(SslHandler.java:1500)

at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(SslHandler.java:514)

at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)

at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:582)

at org.jboss.netty.channel.Channels.close(Channels.java:812)

at org.jboss.netty.channel.AbstractChannel.close(AbstractChannel.java:206)

at org.elasticsearch.transport.netty.NettyTransport.exceptionCaught(NettyTransport.java:790)

at com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport.exceptionCaught(SearchGuardSSLNettyTransport.java:74)

at org.elasticsearch.transport.netty.MessageChannelHandler.exceptionCaught(MessageChannelHandler.java:262)

at com.floragunn.searchguard.ssl.transport.SearchGuardMessageChannelHandler.exceptionCaught(SearchGuardMessageChannelHandler.java:107)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.jboss.netty.handler.codec.frame.FrameDecoder.exceptionCaught(FrameDecoder.java:377)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.elasticsearch.common.netty.OpenChannelsHandler.handleUpstream(OpenChannelsHandler.java:75)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.jboss.netty.handler.ssl.SslHandler.exceptionCaught(SslHandler.java:626)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireExceptionCaught(Channels.java:525)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:74)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

at java.lang.Thread.run(Thread.java:745)

I am confused for a long time.

Could you help me?

Thank you very much!!!

2

Did you config the network.host in your elasticsearch.yaml file?

在 2016年7月17日星期日 UTC+8下午10:50:21,胡凱傑写道:

···

I have an elasticsearch cluster with single nodes

es:2.3.3
search-guard2:2``.3.3.0-rc1

search-guard-ssl:2.3.3.13

java:1.8.0_91

OS:windows10

He re is my conf file:
`node.local: true
security.manager.enabled: true
searchguard.authcz.admin_dn:

  • “CN=kirk,OU=client,O=client,l=tEst, C=De”
    searchguard.audit.type: internal_elasticsearch
    searchguard.ssl.transport.enabled: true
    searchguard.ssl.transport.keystore_type: JKS
    searchguard.ssl.transport.keystore_filepath: node-1-keystore.jks
    searchguard.ssl.transport.truststore_type: JKS
    searchguard.ssl.transport.truststore_filepath: truststore.jks
    searchguard.ssl.transport.truststore_password: changeit
    searchguard.ssl.transport.enforce_hostname_verification: true
    searchguard.ssl.transport.resolve_hostname: true
    searchguard.ssl.transport.enable_openssl_if_available: false

`

when I connect to es ,i got the errors follows:

[2016-07-17 21:59:11,147][WARN ][com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport] [Killraven] exception caught on transport layer [[id: 0x8b9d4878, /127.0.0.1:4297 => /127.0.0.1:9300]], closing connection

java.io.IOException: 遠端主機已強制關閉一個現存的連線。

at sun.nio.ch.SocketDispatcher.write0(Native Method)

at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:51)

at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)

at sun.nio.ch.IOUtil.write(IOUtil.java:51)

at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:471)

at org.jboss.netty.channel.socket.nio.SocketSendBufferPool$UnpooledSendBuffer.transferTo(SocketSendBufferPool.java:203)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.write0(AbstractNioWorker.java:201)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.writeFromUserCode(AbstractNioWorker.java:146)

at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.handleAcceptedSocket(NioServerSocketPipelineSink.java:99)

at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.eventSunk(NioServerSocketPipelineSink.java:36)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:779)

at org.jboss.netty.channel.Channels.write(Channels.java:725)

at org.jboss.netty.channel.Channels.write(Channels.java:686)

at org.jboss.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:1110)

at org.jboss.netty.handler.ssl.SslHandler.closeOutboundAndChannel(SslHandler.java:1500)

at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(SslHandler.java:514)

at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)

at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:582)

at org.jboss.netty.channel.Channels.close(Channels.java:812)

at org.jboss.netty.channel.AbstractChannel.close(AbstractChannel.java:206)

at org.elasticsearch.transport.netty.NettyTransport.exceptionCaught(NettyTransport.java:790)

at com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport.exceptionCaught(SearchGuardSSLNettyTransport.java:74)

at org.elasticsearch.transport.netty.MessageChannelHandler.exceptionCaught(MessageChannelHandler.java:262)

at com.floragunn.searchguard.ssl.transport.SearchGuardMessageChannelHandler.exceptionCaught(SearchGuardMessageChannelHandler.java:107)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.jboss.netty.handler.codec.frame.FrameDecoder.exceptionCaught(FrameDecoder.java:377)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.elasticsearch.common.netty.OpenChannelsHandler.handleUpstream(OpenChannelsHandler.java:75)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)

at org.jboss.netty.handler.ssl.SslHandler.exceptionCaught(SslHandler.java:626)

at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)

at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)

at org.jboss.netty.channel.Channels.fireExceptionCaught(Channels.java:525)

at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:74)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)

at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)

at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)

at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)

at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)

at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)

at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)

at java.lang.Thread.run(Thread.java:745)

I am confused for a long time.

Could you help me?

Thank you very much!!!

3

please install the latest versions of search-guard and search-guard-ssl

Maybe you also want to try GitHub - floragunncom/search-guard: Search Guard Plugin - Security for Elasticsearch ?

···

Am 17.07.2016 um 16:50 schrieb 翁群弼 <airburst30@gmail.com>:

I have an elasticsearch cluster with single nodes
es:2.3.3
search-guard2:2.3.3.0-rc1
search-guard-ssl:2.3.3.13
java:1.8.0_91
OS:windows10

He re is my conf file:
node.local: true
security.manager.enabled: true
searchguard.authcz.admin_dn:
   - "CN=kirk,OU=client,O=client,l=tEst, C=De"
searchguard.audit.type: internal_elasticsearch
searchguard.ssl.transport.enabled: true
searchguard.ssl.transport.keystore_type: JKS
searchguard.ssl.transport.keystore_filepath: node-1-keystore.jks
searchguard.ssl.transport.truststore_type: JKS
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: changeit
searchguard.ssl.transport.enforce_hostname_verification: true
searchguard.ssl.transport.resolve_hostname: true
searchguard.ssl.transport.enable_openssl_if_available: false

when I connect to es ,i got the errors follows:

[2016-07-17 21:59:11,147][WARN ][com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport] [Killraven] exception caught on transport layer [[id: 0x8b9d4878, /127.0.0.1:4297 => /127.0.0.1:9300]], closing connection
java.io.IOException: 遠端主機已強制關閉一個現存的連線。
  at sun.nio.ch.SocketDispatcher.write0(Native Method)
  at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:51)
  at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
  at sun.nio.ch.IOUtil.write(IOUtil.java:51)
  at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:471)
  at org.jboss.netty.channel.socket.nio.SocketSendBufferPool$UnpooledSendBuffer.transferTo(SocketSendBufferPool.java:203)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.write0(AbstractNioWorker.java:201)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.writeFromUserCode(AbstractNioWorker.java:146)
  at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.handleAcceptedSocket(NioServerSocketPipelineSink.java:99)
  at org.jboss.netty.channel.socket.nio.NioServerSocketPipelineSink.eventSunk(NioServerSocketPipelineSink.java:36)
  at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendDownstream(DefaultChannelPipeline.java:779)
  at org.jboss.netty.channel.Channels.write(Channels.java:725)
  at org.jboss.netty.channel.Channels.write(Channels.java:686)
  at org.jboss.netty.handler.ssl.SslHandler.wrapNonAppData(SslHandler.java:1110)
  at org.jboss.netty.handler.ssl.SslHandler.closeOutboundAndChannel(SslHandler.java:1500)
  at org.jboss.netty.handler.ssl.SslHandler.handleDownstream(SslHandler.java:514)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:591)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendDownstream(DefaultChannelPipeline.java:582)
  at org.jboss.netty.channel.Channels.close(Channels.java:812)
  at org.jboss.netty.channel.AbstractChannel.close(AbstractChannel.java:206)
  at org.elasticsearch.transport.netty.NettyTransport.exceptionCaught(NettyTransport.java:790)
  at com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport.exceptionCaught(SearchGuardSSLNettyTransport.java:74)
  at org.elasticsearch.transport.netty.MessageChannelHandler.exceptionCaught(MessageChannelHandler.java:262)
  at com.floragunn.searchguard.ssl.transport.SearchGuardMessageChannelHandler.exceptionCaught(SearchGuardMessageChannelHandler.java:107)
  at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
  at org.jboss.netty.handler.codec.frame.FrameDecoder.exceptionCaught(FrameDecoder.java:377)
  at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
  at org.elasticsearch.common.netty.OpenChannelsHandler.handleUpstream(OpenChannelsHandler.java:75)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline$DefaultChannelHandlerContext.sendUpstream(DefaultChannelPipeline.java:791)
  at org.jboss.netty.handler.ssl.SslHandler.exceptionCaught(SslHandler.java:626)
  at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:112)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
  at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
  at org.jboss.netty.channel.Channels.fireExceptionCaught(Channels.java:525)
  at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:74)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
  at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)
  at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
  at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
  at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
  at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
  at java.lang.Thread.run(Thread.java:745)

I am confused for a long time.

Could you help me?

Thank you very much!!!

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/8f134b44-f583-4c1d-8c36-e5778306922a%40googlegroups.com\.
For more options, visit https://groups.google.com/d/optout\.