Search Guard and Elasticsearch version:6.3.0
- JVM version and operating system version:1.8_144
Search Guard Admin v6
Will connect to 172.16.194.239:9300 … done
Unable to check whether cluster is sane: No user found for cluster:monitor/nodes/info
Connected as CN=node-ops-elasticsearch-Alarm-node04.example.com,OU=SSL,O=Test,L=Test,C=DE
ERR: CN=node-ops-elasticsearch-Alarm-node04.example.com,OU=SSL,O=Test,L=Test,C=DE is not an admin user
Seems you use a node certificate. This is not permitted, you have to use a client certificate and register it as admin_dn in elasticsearch.yml
My profile is
cluster.name: ops-elasticsearch-Alarm
node.name: ops-elasticsearch-Alarm-node04
node.master: false
node.data: true
path.data: /data/servers/elasticsearch-data
path.logs: /data/servers/elasticsearch-log
bootstrap.memory_lock: true
bootstrap.system_call_filter: false
indices.fielddata.cache.size: 50mb
network.host: 172.16.194.239
http.port: 9200
discovery.zen.minimum_master_nodes: 2
discovery.zen.fd.ping_timeout: 60s
discovery.zen.fd.ping_interval: 30s
discovery.zen.fd.ping_retries: 6
discovery.zen.ping.unicast.hosts: [“ops-elasticsearch-Alarm-master01”,“ops-elasticsearch-Alarm-master02”,“ops-elasticsearch-Alarm-master03”]
cluster.routing.allocation.node_initial_primaries_recoveries: 50
cluster.routing.allocation.node_concurrent_recoveries: 50
cluster.routing.allocation.cluster_concurrent_rebalance: 50
xpack.monitoring.collection.enabled: true
xpack.monitoring.enabled: true
xpack.graph.enabled: true
action.auto_create_index: “*”
searchguard.ssl.transport.keystore_type: JKS
searchguard.ssl.transport.keystore_filepath: node-ops-elasticsearch-Alarm-node04-keystore.jks
searchguard.ssl.transport.keystore_password: KtdzbtbwBKUo70Ze1u3X
searchguard.ssl.transport.truststore_type: JKS
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: KtdzbtbwBKUo70Ze1u3X
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.transport.resolve_hostname: false
searchguard.ssl.http.enabled: false
searchguard.ssl.http.keystore_filepath: node-ops-elasticsearch-Alarm-node04-keystore.jks
searchguard.ssl.http.keystore_password: KtdzbtbwBKUo70Ze1u3X
searchguard.ssl.http.truststore_filepath: truststore.jks
searchguard.ssl.http.truststore_password: KtdzbtbwBKUo70Ze1u3X
http.compression: true
http.compression_level: 5
xpack.security.enabled: false
searchguard.authcz.admin_dn:
- “CN=node-ops-elasticsearch-Alarm-node04,OU=client,O=client,L=test,C=DE”
Request help
The error message and the configuration in the configuration file do not match, I have no clue.