I’m trying to setup search-guard-ssl (2.4.1.7) on elasticsearch 2.4.1.
I’m having trouble here:
https://github.com/floragunncom/search-guard-ssl-docs/blob/master/quickstart.md#testing-the-installation
curl -s --noproxy 127.0.0.1 http://127.0.0.1:9200/_searchguard/sslinfo?pretty"
{
“principal” : null,
“peer_certificates” : “0”,
“ssl_protocol” : null,
“ssl_cipher” : null,
“ssl_openssl_available” : false,
“ssl_openssl_version” : -1,
“ssl_openssl_version_string” : null,
“ssl_openssl_non_available_cause” : “java.lang.ClassNotFoundException: org.apache.tomcat.jni.SSL”,
“ssl_provider_http” : null,
“ssl_provider_transport_server” : “JDK”,
“ssl_provider_transport_client” : “JDK”
}
``
Earlier in the docs it says to ignore the tomcat warning, yet from this status output it seems that’s exactly what’s keeping this from working. Any tips?
I suggest to get it first working without openssl (in this case we use JDK built-in SSL).
Make sure you have set
searchguard.ssl.http.enabled: true
searchguard.ssl.http.keystore_filepath: keystore_file.jks
searchguard.ssl.http.truststore_filepath: truststore_file.jks
and then execute something like this:
curl -k -s --noproxy 127.0.0.1 https://127.0.0.1:9200/_searchguard/sslinfo?pretty"
If this is working we can get back to see why openssl might not be working.
First question here is whats your operating system?
Hope this helps
···
On Saturday, 17 December 2016 04:04:49 UTC+1, pixelrebel wrote:
Followed instructions here to meet prerequisites.
https://github.com/floragunncom/search-guard-ssl-docs/blob/master/openssl.md