Evaluating Search Guard - How to enable debug lo level.

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6.6.0.

  • Installed and used enterprise modules, if any

  • JVM version and operating system version

  • Search Guard configuration files

  • Elasticsearch log messages on debug level

  • Other installed Elasticsearch or Kibana plugins, if any

searchguard.ssl.transport.enabled: true

searchguard.ssl.transport.keystore_filepath: local-keystore.jks

searchguard.ssl.transport.truststore_filepath: local-truststore.jks

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: local-keystore.jks

searchguard.ssl.http.truststore_filepath: local-truststore.jks

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

Hi,

We are currently evaluating search guard. Using self signed certificates. 3 Node cluster. Using truststore in the relative path of /etc/elasticsearch and we are currently getting the below error.

io.netty.handler.codec.DecoderException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Not sure how to enable debug logs on elasticsearch for ssl using the log4j2.

Check that local-truststore.jks is not empty (that could be the reason for "the trustAnchors parameter must be non-empty")

To enable debug see https://docs.search-guard.com/latest/troubleshooting-setting-log-level#turn-on-debug-logging-temporarily

···

Am 08.02.2019 um 05:19 schrieb vigneshwar.rajkumar@piecestech.com:

When asking questions, please provide the following information:

* Search Guard and Elasticsearch version 6.6.0.
* Installed and used enterprise modules, if any
* JVM version and operating system version
* Search Guard configuration files
* Elasticsearch log messages on debug level
* Other installed Elasticsearch or Kibana plugins, if any
searchguard.ssl.transport.enabled: true
searchguard.ssl.transport.keystore_filepath: local-keystore.jks
searchguard.ssl.transport.truststore_filepath: local-truststore.jks
searchguard.ssl.http.enabled: true
searchguard.ssl.http.keystore_filepath: local-keystore.jks
searchguard.ssl.http.truststore_filepath: local-truststore.jks
searchguard.ssl.transport.enforce_hostname_verification: true
searchguard.ssl.transport.resolve_hostname: true

Hi,
We are currently evaluating search guard. Using self signed certificates. 3 Node cluster. Using truststore in the relative path of /etc/elasticsearch and we are currently getting the below error.

io.netty.handler.codec.DecoderException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Not sure how to enable debug logs on elasticsearch for ssl using the log4j2.

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/8c38e381-288f-40d0-8241-2b2a4aa71606%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Please also follow the TLS troubleshooting guide if you run into any certificate issues:

https://docs.search-guard.com/latest/troubleshooting-tls

···

On Friday, February 8, 2019 at 5:19:11 AM UTC+1, vigneshwar.rajkumar@piecestech.com wrote:

When asking questions, please provide the following information:

  • Search Guard and Elasticsearch version 6.6.0.
  • Installed and used enterprise modules, if any
  • JVM version and operating system version
  • Search Guard configuration files
  • Elasticsearch log messages on debug level
  • Other installed Elasticsearch or Kibana plugins, if any

searchguard.ssl.transport.enabled: true

searchguard.ssl.transport.keystore_filepath: local-keystore.jks

searchguard.ssl.transport.truststore_filepath: local-truststore.jks

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: local-keystore.jks

searchguard.ssl.http.truststore_filepath: local-truststore.jks

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

Hi,

We are currently evaluating search guard. Using self signed certificates. 3 Node cluster. Using truststore in the relative path of /etc/elasticsearch and we are currently getting the below error.

io.netty.handler.codec.DecoderException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Not sure how to enable debug logs on elasticsearch for ssl using the log4j2.