failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

···

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

  • name: xxxxxxx-001.xxxxx.pro

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

  • name: xxxxxxxx-002.xxxxxxx.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

  • CN=es-k8s-001.pipl.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

  • CN=es-k8s-002.pipl.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

  • CN=es-k8s-002.pipl.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

searchguard.authcz.admin_dn:

  • CN=kirk.pipl.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

Hi,

can you please post the complete sgadmin.sh command with all paramters, and also post the complete stacktrace:

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Thanks!

···

On Thursday, November 29, 2018 at 11:50:07 AM UTC+1, aleksei.saiko@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

Hi Jochen, thx for your answer.

This is the full command, with the output , the Trace, is empty.

root@xxxx-001:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass xxxxxxxxx -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

···

On Thursday, November 29, 2018 at 12:50:07 PM UTC+2, alekse...@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

That is strange. How did you install Search Guard? With the elasticsearch-plugin install command?

The layout should look like:

Do you see the the search-guard-6-.jar in the plugins/search-guard-6 folder?

There is also an sgadmin standalone version that comes with all dependencies, can you try that?

https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-6/6.4.2-23.2/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

···

On Thursday, November 29, 2018 at 12:52:15 PM UTC+1, aleksei.saiko@pipl.com wrote:

Hi Jochen, thx for your answer.

This is the full command, with the output , the Trace, is empty.

root@xxxx-001:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass xxxxxxxxx -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

On Thursday, November 29, 2018 at 12:50:07 PM UTC+2, alekse...@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

Hi Jochen.
I installed search-guard as described on this page - https://docs.search-guard.com/latest/search-guard-installation with OFFLINE installation , because of proxy.

Yes, I see this folder after the installation - /usr/share/elasticsearch/plugins/search-guard-6 , which is full with jar files , and 2 folders - sgconfig and tools.

I tried to install the standalone version of sgadmin that you gave me , and getting this error :

elasticsearch# bin/elasticsearch-plugin install -b file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

-> Downloading file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

[=================================================] 100%

Exception in thread “main” java.nio.file.NoSuchFileException: /usr/share/elasticsearch/plugins/.installing-8113436727227829214/plugin-descriptor.properties

at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)

at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)

at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)

at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)

at java.nio.file.Files.newByteChannel(Files.java:361)

at java.nio.file.Files.newByteChannel(Files.java:407)

at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)

at java.nio.file.Files.newInputStream(Files.java:152)

at org.elasticsearch.plugins.PluginInfo.readFromProperties(PluginInfo.java:162)

at org.elasticsearch.plugins.InstallPluginCommand.loadPluginInfo(InstallPluginCommand.java:713)

at org.elasticsearch.plugins.InstallPluginCommand.installPlugin(InstallPluginCommand.java:792)

at org.elasticsearch.plugins.InstallPluginCommand.install(InstallPluginCommand.java:775)

at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:231)

at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:216)

at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)

at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)

at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)

at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)

at org.elasticsearch.cli.Command.main(Command.java:90)

at org.elasticsearch.plugins.PluginCli.main(PluginCli.java:47)

Any ideas?

Though I didn’t uninstalled the previous version, the question if it’s necessary, or can be installed upon.

Thanks,

Aleksei

···

**Aleksei Saiko**
DevOps Engineer

+972-54-7261983 **|** Skype: aleksei.saiko 

[How PIPL Makes Sales Easier Even for the Best Salesmen](https://pipl.com/corp/pipl-makes-sales-easier-even-best-salesmen/)

Hi Aleksei,

sorry for not being clear enough. The sgadmin standalone is not a plugin for Elasticsearch. It is just sgadmin with all dependencies. You can just unzip it in any folder and then run the sgadmin.sh command. I want to check whether this version works. Because if it is, your issue is most likely related to classpath issue which I do not fully understand yet.

···

On Monday, December 3, 2018 at 5:10:15 PM UTC+1, Aleksei Saiko wrote:

Hi Jochen.
I installed search-guard as described on this page - https://docs.search-guard.com/latest/search-guard-installation with OFFLINE installation , because of proxy.

Yes, I see this folder after the installation - /usr/share/elasticsearch/plugins/search-guard-6 , which is full with jar files , and 2 folders - sgconfig and tools.

I tried to install the standalone version of sgadmin that you gave me , and getting this error :

elasticsearch# bin/elasticsearch-plugin install -b file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

-> Downloading file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

[=================================================] 100%

Exception in thread “main” java.nio.file.NoSuchFileException: /usr/share/elasticsearch/plugins/.installing-8113436727227829214/plugin-descriptor.properties

at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)

at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)

at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)

at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)

at java.nio.file.Files.newByteChannel(Files.java:361)

at java.nio.file.Files.newByteChannel(Files.java:407)

at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)

at java.nio.file.Files.newInputStream(Files.java:152)

at org.elasticsearch.plugins.PluginInfo.readFromProperties(PluginInfo.java:162)

at org.elasticsearch.plugins.InstallPluginCommand.loadPluginInfo(InstallPluginCommand.java:713)

at org.elasticsearch.plugins.InstallPluginCommand.installPlugin(InstallPluginCommand.java:792)

at org.elasticsearch.plugins.InstallPluginCommand.install(InstallPluginCommand.java:775)

at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:231)

at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:216)

at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)

at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)

at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)

at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)

at org.elasticsearch.cli.Command.main(Command.java:90)

at org.elasticsearch.plugins.PluginCli.main(PluginCli.java:47)

Any ideas?

Though I didn’t uninstalled the previous version, the question if it’s necessary, or can be installed upon.

Thanks,

Aleksei

On Thu, Nov 29, 2018 at 2:31 PM Jochen Kressin jkressin@floragunn.com wrote:

That is strange. How did you install Search Guard? With the elasticsearch-plugin install command?

The layout should look like:

Do you see the the search-guard-6-.jar in the plugins/search-guard-6 folder?

There is also an sgadmin standalone version that comes with all dependencies, can you try that?

https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-6/6.4.2-23.2/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

On Thursday, November 29, 2018 at 12:52:15 PM UTC+1, aleksei.saiko@pipl.com wrote:

Hi Jochen, thx for your answer.

This is the full command, with the output , the Trace, is empty.

root@xxxx-001:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass xxxxxxxxx -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

On Thursday, November 29, 2018 at 12:50:07 PM UTC+2, alekse...@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.

To post to this group, send email to search-guard@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/83ea3c22-1c29-409c-bd4f-47eeb1fbdc3c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.


**Aleksei Saiko**
DevOps Engineer
+972-54-7261983 **|** Skype: aleksei.saiko 
[How PIPL Makes Sales Easier Even for the Best Salesmen](https://pipl.com/corp/pipl-makes-sales-easier-even-best-salesmen/)

Hi Jochen,

root@es-xxxxx:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass kbdAmjDd9Tdw -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Same result with the file with all the dependencies that you gave me :frowning:

···

**Aleksei Saiko**
DevOps Engineer

+972-54-7261983 **|** Skype: aleksei.saiko 

[How PIPL Makes Sales Easier Even for the Best Salesmen](https://pipl.com/corp/pipl-makes-sales-easier-even-best-salesmen/)

This is likely because one of your certificate or key files can not be found. Normally you should get a detailed error message on stderr but i don’t see it too :frowning:

Will fix this.

Meanwhile pls try https://oss.sonatype.org/content/repositories/snapshots/com/floragunn/search-guard-6/6.4.2-23.2-SNAPSHOT/search-guard-6-6.4.2-23.2-20181204.215859-4-sgadmin-standalone.tar.gz which should print out a detailed error message on stdout.

···

On Tuesday, 4 December 2018 13:08:40 UTC+1, Aleksei Saiko wrote:

Hi Jochen,

root@es-xxxxx:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass kbdAmjDd9Tdw -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Same result with the file with all the dependencies that you gave me :frowning:

On Mon, Dec 3, 2018 at 6:51 PM Jochen Kressin wrote:

Hi Aleksei,

sorry for not being clear enough. The sgadmin standalone is not a plugin for Elasticsearch. It is just sgadmin with all dependencies. You can just unzip it in any folder and then run the sgadmin.sh command. I want to check whether this version works. Because if it is, your issue is most likely related to classpath issue which I do not fully understand yet.

On Monday, December 3, 2018 at 5:10:15 PM UTC+1, Aleksei Saiko wrote:

Hi Jochen.
I installed search-guard as described on this page - https://docs.search-guard.com/latest/search-guard-installation with OFFLINE installation , because of proxy.

Yes, I see this folder after the installation - /usr/share/elasticsearch/plugins/search-guard-6 , which is full with jar files , and 2 folders - sgconfig and tools.

I tried to install the standalone version of sgadmin that you gave me , and getting this error :

elasticsearch# bin/elasticsearch-plugin install -b file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

-> Downloading file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

[=================================================] 100%

Exception in thread “main” java.nio.file.NoSuchFileException: /usr/share/elasticsearch/plugins/.installing-8113436727227829214/plugin-descriptor.properties

at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)
at java.nio.file.Files.newByteChannel(Files.java:361)
at java.nio.file.Files.newByteChannel(Files.java:407)
at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)
at java.nio.file.Files.newInputStream(Files.java:152)
at org.elasticsearch.plugins.PluginInfo.readFromProperties(PluginInfo.java:162)
at org.elasticsearch.plugins.InstallPluginCommand.loadPluginInfo(InstallPluginCommand.java:713)
at org.elasticsearch.plugins.InstallPluginCommand.installPlugin(InstallPluginCommand.java:792)
at org.elasticsearch.plugins.InstallPluginCommand.install(InstallPluginCommand.java:775)
at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:231)
at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:216)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.Command.main(Command.java:90)
at org.elasticsearch.plugins.PluginCli.main(PluginCli.java:47)

Any ideas?

Though I didn’t uninstalled the previous version, the question if it’s necessary, or can be installed upon.

Thanks,

Aleksei

On Thu, Nov 29, 2018 at 2:31 PM Jochen Kressin wrote:

That is strange. How did you install Search Guard? With the elasticsearch-plugin install command?

The layout should look like:

Do you see the the search-guard-6-.jar in the plugins/search-guard-6 folder?

There is also an sgadmin standalone version that comes with all dependencies, can you try that?

https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-6/6.4.2-23.2/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

On Thursday, November 29, 2018 at 12:52:15 PM UTC+1 wrote:

Hi Jochen, thx for your answer.

This is the full command, with the output , the Trace, is empty.

root@xxxx-001:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass xxxxxxxxx -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

On Thursday, November 29, 2018 at 12:50:07 PM UTC+2, alekse...@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.

To post to this group, send email to search-guard@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/83ea3c22-1c29-409c-bd4f-47eeb1fbdc3c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

Hi!
Well, still, Trace is empty.
Once again, to be aligned.

All certificates and keys in one folder, like was demanded in - https://search-guard.com/generating-certificates-tls-tool/ , which was pretty straightforward.
I also tried to make the key non encrypted, still, didn’t help, same error with empty Trace :frowning:

Any other ideas what can be the problem?
Maybe some other useful information that I can provide?

···

On Wednesday, December 5, 2018 at 12:14:20 AM UTC+2, Search Guard wrote:

This is likely because one of your certificate or key files can not be found. Normally you should get a detailed error message on stderr but i don’t see it too :frowning:

Will fix this.

Meanwhile pls try https://oss.sonatype.org/content/repositories/snapshots/com/floragunn/search-guard-6/6.4.2-23.2-SNAPSHOT/search-guard-6-6.4.2-23.2-20181204.215859-4-sgadmin-standalone.tar.gz which should print out a detailed error message on stdout.

On Tuesday, 4 December 2018 13:08:40 UTC+1, Aleksei Saiko wrote:

Hi Jochen,

root@es-xxxxx:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass kbdAmjDd9Tdw -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Same result with the file with all the dependencies that you gave me :frowning:

On Mon, Dec 3, 2018 at 6:51 PM Jochen Kressin wrote:

Hi Aleksei,

sorry for not being clear enough. The sgadmin standalone is not a plugin for Elasticsearch. It is just sgadmin with all dependencies. You can just unzip it in any folder and then run the sgadmin.sh command. I want to check whether this version works. Because if it is, your issue is most likely related to classpath issue which I do not fully understand yet.

On Monday, December 3, 2018 at 5:10:15 PM UTC+1, Aleksei Saiko wrote:

Hi Jochen.
I installed search-guard as described on this page - https://docs.search-guard.com/latest/search-guard-installation with OFFLINE installation , because of proxy.

Yes, I see this folder after the installation - /usr/share/elasticsearch/plugins/search-guard-6 , which is full with jar files , and 2 folders - sgconfig and tools.

I tried to install the standalone version of sgadmin that you gave me , and getting this error :

elasticsearch# bin/elasticsearch-plugin install -b file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

-> Downloading file:///tmp/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

[=================================================] 100%

Exception in thread “main” java.nio.file.NoSuchFileException: /usr/share/elasticsearch/plugins/.installing-8113436727227829214/plugin-descriptor.properties

at sun.nio.fs.UnixException.translateToIOException(UnixException.java:86)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
at sun.nio.fs.UnixFileSystemProvider.newByteChannel(UnixFileSystemProvider.java:214)
at java.nio.file.Files.newByteChannel(Files.java:361)
at java.nio.file.Files.newByteChannel(Files.java:407)
at java.nio.file.spi.FileSystemProvider.newInputStream(FileSystemProvider.java:384)
at java.nio.file.Files.newInputStream(Files.java:152)
at org.elasticsearch.plugins.PluginInfo.readFromProperties(PluginInfo.java:162)
at org.elasticsearch.plugins.InstallPluginCommand.loadPluginInfo(InstallPluginCommand.java:713)
at org.elasticsearch.plugins.InstallPluginCommand.installPlugin(InstallPluginCommand.java:792)
at org.elasticsearch.plugins.InstallPluginCommand.install(InstallPluginCommand.java:775)
at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:231)
at org.elasticsearch.plugins.InstallPluginCommand.execute(InstallPluginCommand.java:216)
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.MultiCommand.execute(MultiCommand.java:77)
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124)
at org.elasticsearch.cli.Command.main(Command.java:90)
at org.elasticsearch.plugins.PluginCli.main(PluginCli.java:47)

Any ideas?

Though I didn’t uninstalled the previous version, the question if it’s necessary, or can be installed upon.

Thanks,

Aleksei

On Thu, Nov 29, 2018 at 2:31 PM Jochen Kressin wrote:

That is strange. How did you install Search Guard? With the elasticsearch-plugin install command?

The layout should look like:

Do you see the the search-guard-6-.jar in the plugins/search-guard-6 folder?

There is also an sgadmin standalone version that comes with all dependencies, can you try that?

https://oss.sonatype.org/service/local/repositories/releases/content/com/floragunn/search-guard-6/6.4.2-23.2/search-guard-6-6.4.2-23.2-sgadmin-standalone.zip

On Thursday, November 29, 2018 at 12:52:15 PM UTC+1 wrote:

Hi Jochen, thx for your answer.

This is the full command, with the output , the Trace, is empty.

root@xxxx-001:tools# ./sgadmin.sh -key ./kirk-key.pem -keypass xxxxxxxxx -cert ./kirk.pem -cacert ./root-ca.pem -nhnv -icl

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

On Thursday, November 29, 2018 at 12:50:07 PM UTC+2, alekse...@pipl.com wrote:

  • Search Guard and Elasticsearch version

SG - 6.4.2-23.2

ES - 6.4.2

  • JVM version and operating system version

java version “1.8.0_162”

Java™ SE Runtime Environment (build 1.8.0_162-b12)

Java HotSpot™ 64-Bit Server VM (build 25.162-b12, mixed mode)

NAME=“Ubuntu”

VERSION=“18.04.1 LTS (Bionic Beaver)”

ID=ubuntu

ID_LIKE=debian

PRETTY_NAME=“Ubuntu 18.04.1 LTS”

VERSION_ID=“18.04”

  • Search Guard configuration files

config.yml

--------------

ca:

root:

The distinguished name of this CA. You must specify a distinguished name.

dn: CN=root.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxx

file: root-ca.pem

intermediate:

dn: CN=signing.ca.pipl.pro,OU=IL,O=Pipl,L=IL,C=IL,DC=pro

pkPassword: xxxxxxxxx

file: intermediate-ca.pem

defaults:

validityDays: 3650

pkPassword: auto

httpsEnabled: true

verifyHostnames: true

resolveHostnames: true

nodes:

dn: CN=es-k8s-001.pipl.pro,OU=IL,O=xxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-001.xxxxxxl.pro

dn: CN=xxxxxxx-002.xxxxxx.pro,OU=IL,O=xxxxx,L=IL,C=IL,DC=pro

dns: xxxxxx-002.xxxxx.pro

  • name: node3

dn: CN=xxxxxxx-002.xxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

dns: xxxxxxx-003.xxxxxx.pro

clients:

  • name: spock

dn: CN=spock.xxxxxx.pro,OU=IL,O=xxxxxxx,L=IL,C=IL,DC=pro

  • name: kirk

dn: CN=kirk.xxxxxx.pro,OU=IL,O=xxxxxx,L=IL,C=IL,DC=pro

admin: true

elasticsearch.yml

----------------------

searchguard.ssl.transport.pemcert_filepath: xxxxxxx-001.xxxxxxx.pro.pem

searchguard.ssl.transport.pemkey_filepath: xxxxxxx-001.xxxxxx.pro.key

searchguard.ssl.transport.pemkey_password: xxxxxxxxx

searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem

searchguard.ssl.transport.enforce_hostname_verification: true

searchguard.ssl.transport.resolve_hostname: true

searchguard.ssl.http.enabled: false

searchguard.ssl.http.pemcert_filepath: xxxxxxxx-001.xxxxxxx.pro_http.pem

searchguard.ssl.http.pemkey_filepath: xxxxxx.xxxxxx.pro_http.key

searchguard.ssl.http.pemkey_password: LUIL6RfUFAQL

searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem

searchguard.nodes_dn:

searchguard.authcz.admin_dn:

“elasticsearch.yml” 195L, 6423C

  • Elasticsearch log messages on debug level

[2018-11-29T10:29:15,389][ERROR][c.f.s.a.BackendRegistry ] Not yet initialized (you may need to run sgadmin)

**AFTER INITIALIZING **

----------------------

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

  • Other installed Elasticsearch or Kibana plugins, if any

Kibana

Hello, I’m trying to work with search-guard for our data encryption.

I followed all the necessary steps of Installation from your page, and steps of generating the certificates from this page, by creating the root ca and intermediate ca - https://search-guard.com/generating-certificates-tls-tool/

When trying to make the following step ( initialize search-guard) - ./sgadmin.sh -key ./kirk-key.pem -keypass 8Faq7qPtP1DH -cert ./kirk.pem -cacert ./root-ca.pem …

I receive the following error -

WARNING: JAVA_HOME not set, will use /usr/bin/java

Search Guard Admin v6

Will connect to localhost:9300 … done

ERR: An unexpected IllegalStateException occured: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

Trace:

Could you please assist?

Thanks!

Aleksei

You received this message because you are subscribed to the Google Groups “Search Guard Community Forum” group.

To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.

To post to this group, send email to search...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/83ea3c22-1c29-409c-bd4f-47eeb1fbdc3c%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.