Create admin and other user/roles using demo certs

I am using OpenSearch 1.1.0

I am trying to create users and roles using demo certificates, when I make a call like this

curl  -XGET 'http://localhost:9200/_plugins/_security/authinfo?pretty'  --cacert ./root-ca.pem --key ./kirk-key.pem --cert ./kirk.pem

I get Unauthorized as response. This is with HTTPS disabled.

While the same works with HTTPS enabled

curl  -XGET 'https://localhost:9200/_plugins/_security/authinfo?pretty'  --cacert ./root-ca.pem --key ./kirk-key.pem --cert ./kirk.pem

Is there a workaround to make it work with HTTPS disabled.

#opensearch.yml false

The curl call you gave uses the paramters --key ./kirk-key.pem --cert ./kirk.pem. This means, that it is using certificate authentication. Certificate authorization is done on the TLS layer. Thus, it cannot work if TLS (resp. HTTPS) is disabled. If you have disabled TLS, you need to use other authentication methods (such as basic auth with an authentication backend).

As a side note: It seems you are not using Search Guard, but OpenSearch security. Questions on this should be directed to the OpenSearch forum:

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.