java.security.KeyStoreException: no key alias named

Hi,

I run this command line after generating all certificates with offline TLS tool. i wanted to generate keystore and truststore files for connecting with java elastic client.

keytool -import -trustcacerts -alias elasticcluster -file root-ca.pem -keystore truststore.jks

I’m getting the following error when starting elastic.

java.security.KeyStoreException: no key alias named XYZ

my elasticsearch.yml looks like this:

searchguard.ssl.transport.enforce_hostname_verification: false

searchguard.ssl.transport.resolve_hostname: false

searchguard.ssl.http.enabled: true

searchguard.ssl.transport.keystore_type: jks

searchguard.ssl.transport.keystore_filepath : truststore_1.jks

searchguard.ssl.transport.keystore_password : eVXbaBTwHN9f

searchguard.ssl.transport.truststore_type : jks

searchguard.ssl.transport.truststore_filepath : truststore_1.jks

searchguard.ssl.transport.truststore_password : eVXbaBTwHN9f#

searchguard.ssl.http.keystore_type: jks

searchguard.ssl.http.keystore_filepath: truststore_1.jks

searchguard.ssl.http.keystore_password : eVXbaBTwHN9f#

searchguard.ssl.http.truststore_type : jks

searchguard.ssl.http.truststore_filepath: truststore_1.jks

searchguard.ssl.http.truststore_password: eVXbaBTwHN9f#

This is strange, if you did not specify an alias name in elasticsearch.yml then the error should not happen.

@cstaley Can you have a look please?

For searchguard.ssl.transport.keystore_filepath and searchguard.ssl.http.keystore_filepath you must have a keystore and not a truststore (keystore contain certificates and keys, truststore contains only trusted certificates)

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.