Not able to generate TLS certificate

I am not able to generate search guard TLS certificate in elasticsearch

**Elasticsearch version:7.17.3

**Server :windows

**Kibana version (if relevant):*7.17.3

Describe the issue:
I have installed search guard 53.1.0v in the Elasticsearch 7.17.3v (production environment)
After that i tried to generate TLS certificates by adding the following lines inside the search guard config file:

ca:

   root:
    dn: CN=root.ca.Lxxxxxxx.uxxx.xxxx.x,OU=SSL,O=Test,DC=com
     keysize: 2048

      pkPassword: xxx-xx-password 

      validityDays: 3650

      file: root-ca.pem
     
 ca:

   intermediate:
    dn: CN=node1.Lxxxxxxx.uxxx.xxxx.x,OU=SSL,O=Test,DC=com
    keysize: 2048

      validityDays: 3650  

      pkPassword: xxx-xx-password

      file: intermediate-ca.pem

**Expected behavior:
while running this command on search-guard-tlstool-1.8 : ./tools/sgtlstool.sh -c …/config/tlsconfig.yml -ca
instead of generated file Generated files

  • root-ca.pem Root certificate
  • root-ca.key Private key of the Root CA
  • root-ca.readme Passwords of the root and intermediate CAs

Errors in browser console (if relevant):
its opening sgstlstool file

@jis Please try the below config instead. Please bear in mind that in yml files, correct indentation is crucial. All options under the root: and intermediate are at the same indent level.
Also, you’ve duplicated ca: in your config.

ca:
   root:
      dn: CN=root.ca.Lxxxxxxx.uxxx.xxxx.x,OU=SSL,O=Test,DC=com

      keysize: 2048

      validityDays: 3650

      pkPassword: xxx-xx-password

      file: root-ca.pem

   intermediate:
      dn: CN=node1.Lxxxxxxx.uxxx.xxxx.x,OU=SSL,O=Test,DC=com

      keysize: 2048

      validityDays: 3650

      pkPassword: xxx-xx-password

      file: intermediate-ca.pem

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.