I am a bit stuck wrt Search Guard SSL. Following is my problem
1 .I have OpenSSL installed version 1.0.2 confirmed by running the following command
When I try to start Elastic Search, I get the following error in the log files
[2018-07-18T13:09:34,585][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] OpenSSL OpenSSL 1.0.1e-fips 11 Feb 2013 (268439647) available
[2018-07-18T13:09:34,585][WARN ][c.f.s.s.DefaultSearchGuardKeyStore] Outdated OpenSSL version detected. You should update to 1.0.2k or later. Currently installed: OpenSSL 1.0.1e-fips 11 Feb 2013
[2018-07-18T13:09:34,589][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:701) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:643) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:557) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:162) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:311) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) [elasticsearch-6.3.1.jar:6.3.1]
If I try to configure the certificates I generated manually from the Elastic.yml file, I dont think I have a good example of how to configure these cretificate values, I get one of the of the following errors
[2018-07-18T12:55:33,699][ERROR][c.f.s.s.DefaultSearchGuardKeyStore] Your keystore or PEM does not contain a certificate. Maybe you confused keys and certificates.
On Wednesday, July 18, 2018 at 1:19:15 PM UTC-4, Adwait Joshi wrote:
I am a bit stuck wrt Search Guard SSL. Following is my problem
1 .I have OpenSSL installed version 1.0.2 confirmed by running the following command
When I try to start Elastic Search, I get the following error in the log files
[2018-07-18T13:09:34,585][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] OpenSSL OpenSSL 1.0.1e-fips 11 Feb 2013 (268439647) available
[2018-07-18T13:09:34,585][WARN ][c.f.s.s.DefaultSearchGuardKeyStore] Outdated OpenSSL version detected. You should update to 1.0.2k or later. Currently installed: OpenSSL 1.0.1e-fips 11 Feb 2013
[2018-07-18T13:09:34,589][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:701) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:643) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:557) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.(PluginsService.java:162) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.(Node.java:311) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.(Node.java:252) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap$5.(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) [elasticsearch-6.3.1.jar:6.3.1]
If I try to configure the certificates I generated manually from the Elastic.yml file, I dont think I have a good example of how to configure these cretificate values, I get one of the of the following errors
[2018-07-18T12:55:33,699][ERROR][c.f.s.s.DefaultSearchGuardKeyStore] Your keystore or PEM does not contain a certificate. Maybe you confused keys and certificates.
If you don’t know how to generate certificates easiest is to use either the demo certificates or the online TLS generator:
These are not safe for production. For production certificates you can use the offline TLS Tool:
···
On Sunday, July 22, 2018 at 2:16:10 PM UTC+2, Adwait Joshi wrote:
Anyone?
On Wednesday, July 18, 2018 at 1:19:15 PM UTC-4, Adwait Joshi wrote:
I am a bit stuck wrt Search Guard SSL. Following is my problem
1 .I have OpenSSL installed version 1.0.2 confirmed by running the following command
When I try to start Elastic Search, I get the following error in the log files
[2018-07-18T13:09:34,585][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] OpenSSL OpenSSL 1.0.1e-fips 11 Feb 2013 (268439647) available
[2018-07-18T13:09:34,585][WARN ][c.f.s.s.DefaultSearchGuardKeyStore] Outdated OpenSSL version detected. You should update to 1.0.2k or later. Currently installed: OpenSSL 1.0.1e-fips 11 Feb 2013
[2018-07-18T13:09:34,589][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:701) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:643) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:557) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:162) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:311) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) [elasticsearch-6.3.1.jar:6.3.1]
If I try to configure the certificates I generated manually from the Elastic.yml file, I dont think I have a good example of how to configure these cretificate values, I get one of the of the following errors
[2018-07-18T12:55:33,699][ERROR][c.f.s.s.DefaultSearchGuardKeyStore] Your keystore or PEM does not contain a certificate. Maybe you confused keys and certificates.
