Search Guard SSL

I am a bit stuck wrt Search Guard SSL. Following is my problem

1. I have OpenSSL installed version 1.0.2 confirmed by running the following command

When I try to start Elastic Search, I get the following error in the log files

[2018-07-18T13:09:34,585][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] OpenSSL OpenSSL 1.0.1e-fips 11 Feb 2013 (268439647) available
[2018-07-18T13:09:34,585][WARN ][c.f.s.s.DefaultSearchGuardKeyStore] Outdated OpenSSL version detected. You should update to 1.0.2k or later. Currently installed: OpenSSL 1.0.1e-fips 11 Feb 2013
[2018-07-18T13:09:34,589][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
[2018-07-18T13:09:34,624][ERROR][o.e.b.Bootstrap ] Exception
java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]
    at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:701) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:643) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:557) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:162) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.node.Node.<init>(Node.java:311) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) [elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) [elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) [elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.3.1.jar:6.3.1]
    at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.3.1.jar:6.3.1]
    at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) [elasticsearch-6.3.1.jar:6.3.1]

If I try to configure the certificates I generated manually from the Elastic.yml file, I don't think I have a good example of how to configure these certificate values, I get one of the following errors

[2018-07-18T12:55:33,699][ERROR][c.f.s.s.DefaultSearchGuardKeyStore] Your keystore or PEM does not contain a certificate. Maybe you confused keys and certificates.

Can someone please help?

Anyone?

First there seems to be an issue with OpenSSL. The detected version is 1.0.1e-fips. What does

openssl version

give you?

We also need to see your elasticsearch.yml file. There seems to be a configuration issue here. Do you use PEM certificates or keystore files?

Have you tried going through the TLS troubleshooting guidelines?

https://docs.search-guard.com/latest/troubleshooting-tls

If you don’t know how to generate certificates, the easiest way is to use either the demo certificates or the online TLS generator:

These are not safe for production. For production certificates you can use the offline TLS Tool:

On Sunday, July 22, 2018 at 2:16:10 PM UTC+2, Adwait Joshi wrote:

Anyone?

On Wednesday, July 18, 2018 at 1:19:15 PM UTC-4, Adwait Joshi wrote:

I am a bit stuck wrt Search Guard SSL. Following is my problem

1. I have OpenSSL installed version 1.0.2 confirmed by running the following command

When I try to start Elastic Search, I get the following error in the log files

[2018-07-18T13:09:34,585][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] OpenSSL OpenSSL 1.0.1e-fips 11 Feb 2013 (268439647) available

[2018-07-18T13:09:34,585][WARN ][c.f.s.s.DefaultSearchGuardKeyStore] Outdated OpenSSL version detected. You should update to 1.0.2k or later. Currently installed: OpenSSL 1.0.1e-fips 11 Feb 2013

[2018-07-18T13:09:34,589][INFO ][c.f.s.s.DefaultSearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively

[2018-07-18T13:09:34,624][ERROR][o.e.b.Bootstrap ] Exception

java.lang.IllegalStateException: failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]

at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:701) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundle(PluginsService.java:643) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:557) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:162) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:311) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.node.Node.<init>(Node.java:252) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap$5.<init>(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:213) ~[elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:326) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:136) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:127) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:86) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:124) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-cli-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:93) [elasticsearch-6.3.1.jar:6.3.1]
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:86) [elasticsearch-6.3.1.jar:6.3.1]

If I try to configure the certificates I generated manually from the Elastic.yml file, I don't think I have a good example of how to configure these certificate values, I get one of the following errors

[2018-07-18T12:55:33,699][ERROR][c.f.s.s.DefaultSearchGuardKeyStore] Your keystore or PEM does not contain a certificate. Maybe you confused keys and certificates.

Can someone please help?
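
Added example (not part of the original thread, and not Search Guard's own code): a shell check for the "does not contain a certificate" error quoted above. It assumes PEM files configured through Search Guard's `searchguard.ssl.transport` / `searchguard.ssl.http` `pemcert_filepath`, `pemkey_filepath` and `pemtrustedcas_filepath` settings; the function names `pem_kind`, `check_sg_pem` and `demo` and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: do the Search Guard PEM settings point at the right kind of file?

# pem_kind FILE -> certificate | private-key | missing | unknown
pem_kind() {
    [ -r "$1" ] || { echo missing; return 0; }
    # The first "-----BEGIN ...-----" line says what the file holds.
    case "$(sed -n '/^-----BEGIN /{p;q;}' "$1")" in
        *'BEGIN CERTIFICATE-----') echo certificate ;;
        *'PRIVATE KEY-----')       echo private-key ;;  # PKCS#8, RSA, EC, encrypted
        *)                         echo unknown ;;
    esac
}

# check_sg_pem YML CONFDIR -> one line per PEM setting; returns 1 on any mismatch.
# Relative paths are resolved against CONFDIR, as the log line in the post says.
check_sg_pem() {
    rc=0
    while IFS= read -r line; do
        [ -n "$line" ] || continue
        key=${line%%:*}
        path=$(printf '%s\n' "${line#*:}" | sed 's/^[[:space:]"]*//; s/[[:space:]"]*$//')
        case "$key" in
            *pemkey_filepath) want=private-key ;;
            *)                want=certificate ;;       # pemcert_ and pemtrustedcas_
        esac
        case "$path" in /*) file=$path ;; *) file=$2/$path ;; esac
        got=$(pem_kind "$file")
        if [ "$got" = "$want" ]; then status=OK; else status=MISMATCH; rc=1; fi
        echo "$status $key -> $path (expected $want, found $got)"
    done <<EOF
$(grep -E '^searchguard\.ssl\.(transport|http)\.pem(cert|key|trustedcas)_filepath:' "$1")
EOF
    return "$rc"
}

# Constructed sample (placeholder PEM bodies): the key file is set as the certificate.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'placeholder' '-----END CERTIFICATE-----' >"$d/node.pem"
    printf '%s\n' '-----BEGIN PRIVATE KEY-----' 'placeholder' '-----END PRIVATE KEY-----' >"$d/node.key"
    printf 'searchguard.ssl.transport.%s\n' 'pemcert_filepath: node.key' \
        'pemkey_filepath: node.key' 'pemtrustedcas_filepath: node.pem' >"$d/elasticsearch.yml"
    st=0; check_sg_pem "$d/elasticsearch.yml" "$d" || st=$?
    rm -rf "$d"
    return "$st"
}

demo || echo "at least one setting points at the wrong kind of file"
```

Against a real node the call would be `check_sg_pem /etc/elasticsearch/elasticsearch.yml /etc/elasticsearch`, using the config directory shown in the log.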