searchguard usage on windows

Hi All,

I am using ELK in my development environment and I was able to set it up properly in a Windows environment. The complete ELK flow is working fine and I am able to see output in Kibana. Now my requirement is to secure the ELK communication using SSL certificates. I have used x-pack for the same and I was able to achieve it. Since it's not free, I am exploring searchguard and I am stuck.

First of all, please let me know if I can go ahead with searchguard. My application is an enterprise application. All the communication has to be made secure once the application goes to the production environment.

Which one do you recommend, x-pack or searchguard? Is only cost the difference, or is there any other difference?

Regards,

Vinod H Y

On 26.06.2017 at 12:37, vinod hy <hy.vinod88@gmail.com> wrote:

> Hi All,
>
> I am using ELK in my development environment and I was able to set it up properly in a Windows environment. The complete ELK flow is working fine and I am able to see output in Kibana. Now my requirement is to secure the ELK communication using SSL certificates. I have used x-pack for the same and I was able to achieve it. Since it's not free, I am exploring searchguard and I am stuck.

Where are you stuck? What have you tried, what is not working? Can you send more details and log output?

> First of all, please let me know if I can go ahead with searchguard. My application is an enterprise application. All the communication has to be made secure once the application goes to the production environment.

Search Guard should be running well on Windows.

> Which one do you recommend, x-pack or searchguard? Is only cost the difference, or is there any other difference?

Depends on the features you need. For more details about SG vs. X-Pack pls. contact us via mail or the contact form on the website (https://floragunn.com/contact/)
Pls. see also https://floragunn.com/search-guard-elasticsearch-faq/ and https://floragunn.com/searchguard-license-support/

--
You received this message because you are subscribed to the Google Groups "Search Guard" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/d7424d9a-618f-47d0-95f0-253d0f380bee%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Hi,

Thanks for the info. I am using the below link to follow the steps,

http://floragunncom.github.io/search-guard-docs/exampleELK.html

I have,

1. Installed the plugin using the below command,

elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12

2. Ran the sh install_demo_configuration.sh

This modified the elasticsearch.yml file with searchguard ssl paths

3. Now if I try to run sh sgadmin_demo.sh, I get the below error,

Error: Could not find or load main class com.floragunn.searchguard.tools.SearchGuardAdmin

Please let me know the issue here.

And also I have generated SSL certificates which I want to use here. Not the ones that got generated. Please help me with this also.

Regards,

Vinod H Y

The .sh scripts and the demo configuration do not work on Windows normally, we recommend to generate certificates here https://floragunn.com/tls-certificate-generator/
For sgadmin however there is a .bat file suitable for Windows.

Hi,

Ok. I am doing a fresh installation for the searchguard plugin.

Step 1:

In my office environment,

elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12 command doesn't work. I get some connection errors.

For that, I downloaded the plugin offline from the below link,

http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.floragunn%22%20AND%20a%3A%22search-guard-5%22

I downloaded the zip version. Please confirm if it's the right one.

Step 2:

As per your advice, I got the certificates generated from the below link,

https://floragunn.com/tls-certificate-generator/

Now, please tell me what to do next. Do you have any link which explains the steps for Windows?

Regards,

Vinod H Y

On 27.06.2017 at 10:46, vinod hy <hy.vinod88@gmail.com> wrote:

> Hi,
>
> Ok. I am doing a fresh installation for the searchguard plugin.
>
> Step 1:
>
> In my office environment,
> elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12 command doesn't work. I get some connection errors.
>
> For that, I downloaded the plugin offline from the below link,
> http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.floragunn%22%20AND%20a%3A%22search-guard-5%22
>
> I downloaded the zip version. Please confirm if it's the right one.

correct

> Step 2:
>
> As per your advice, I got the certificates generated from the below link,
> https://floragunn.com/tls-certificate-generator/
>
> Now, please tell me what to do next. Do you have any link which explains the steps for Windows?

There is a README file contained in the zip together with the certificates.
There is nothing special for Windows except that your file paths look a little bit different.

Install Plugin (online):
C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.2-12

Or install plugin offline (download search-guard-5-5.4.2-12.zip):
C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b file:///c:\temp\search-guard-5-5.4.2-12.zip

Get certificates from floragunn TLS certificate generator and put all *.jks files into the config/ folder of elasticsearch.

Edit elasticsearch.yml and add:

searchguard.authcz.admin_dn:
  - CN=sgadmin

searchguard.ssl.transport.keystore_filepath: CN=test-keystore.jks
searchguard.ssl.transport.keystore_password: 9eac388c9aaabec42528
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: 2cef95ce1fceb3927cbe

(The passwords are contained in the Readme of the certificate bundle, these here are just examples)

Start elasticsearch and wait a minute until it's started.

Make sure JAVA_HOME is set:
C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>echo %JAVA_HOME%
C:\Program Files\Java\jre1.8.0_131

If not, set it to something like this:
C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>set JAVA_HOME=C:\Program Files\Java\jre1.8.0_131

Execute sgadmin to initialize Search Guard:

C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>sgadmin.bat -cd ..\sgconfig -ts C:\temp\elasticsearch-5.4.2\config\truststore.jks -tspass 2cef95ce1fceb3927cbe -ks "C:\temp\elasticsearch-5.4.2\config\CN=sgadmin-keystore.jks" -kspass 44491845dcdc0279d222 -nhnv

(The passwords are contained in the Readme of the certificate bundle, these here are just examples)

You're done
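
A pre-flight check for the steps in the post above, as an added example that is not part of the thread or of Search Guard itself: it reads the searchguard.* entries from elasticsearch.yml, confirms the keystore and truststore sit in the config folder, and flags the example passwords from the post if they were copied verbatim. The function names and the throw-away sample directory are assumptions, and keystore paths are taken as relative to the config folder, as in the post.

```powershell
# Added example, not from the thread. Function names are hypothetical.
# Assumes the flat "key: value" elasticsearch.yml shown in the post and
# keystore paths given relative to the Elasticsearch config folder.

# Passwords the post prints as examples; a real config must not contain them.
$ExamplePasswords = '9eac388c9aaabec42528', '2cef95ce1fceb3927cbe', '44491845dcdc0279d222'

function Read-SearchGuardSettings {
    param([Parameter(Mandatory)] [string] $YmlPath)
    $settings = @{}
    $listKey  = $null
    foreach ($line in Get-Content -LiteralPath $YmlPath) {
        if ($line -match '^\s*(#.*)?$') { continue }             # blank line or comment
        if ($line -match '^(searchguard\.[\w.]+)\s*:\s*(.*)$') {
            $key   = $Matches[1]
            $value = $Matches[2].Trim() -replace '^["'']|["'']$', ''
            if ($value) {
                $settings[$key] = $value; $listKey = $null
            } else {
                $settings[$key] = @(); $listKey = $key           # a YAML list follows
            }
        } elseif ($listKey -and $line -match '^\s+-\s*(.+)$') {
            $settings[$listKey] += $Matches[1].Trim()            # list item, e.g. CN=sgadmin
        } else {
            $listKey = $null
        }
    }
    return $settings
}

function Test-SearchGuardSetup {
    param(
        [Parameter(Mandatory)] [string] $EsHome,
        [string] $JavaHome = $env:JAVA_HOME
    )
    $problems  = @()
    $configDir = Join-Path $EsHome 'config'
    $s = Read-SearchGuardSettings (Join-Path $configDir 'elasticsearch.yml')

    # sgadmin.bat needs JAVA_HOME, as the post points out.
    if (-not $JavaHome -or -not (Test-Path -LiteralPath $JavaHome)) {
        $problems += 'JAVA_HOME is not set or does not exist'
    }
    # sgadmin must present a certificate whose DN is listed here.
    if (-not $s['searchguard.authcz.admin_dn']) {
        $problems += 'searchguard.authcz.admin_dn has no entries'
    }
    foreach ($store in 'keystore', 'truststore') {
        $file = $s["searchguard.ssl.transport.${store}_filepath"]
        $pass = $s["searchguard.ssl.transport.${store}_password"]
        if (-not $file) {
            $problems += "transport $store path is not configured"
        } elseif (-not (Test-Path -LiteralPath (Join-Path $configDir $file) -PathType Leaf)) {
            $problems += "transport $store file '$file' not found in $configDir"
        }
        if (-not $pass) {
            $problems += "transport $store password is not configured"
        } elseif ($ExamplePasswords -contains $pass) {
            $problems += "transport $store password is the example value from the post"
        }
    }
    return $problems
}

# --- Constructed sample: a throw-away Elasticsearch home with settings like the post's ---
$esHome = Join-Path ([IO.Path]::GetTempPath()) ("sg-demo-" + [guid]::NewGuid())
$config = New-Item -ItemType Directory -Path (Join-Path $esHome 'config') -Force
@'
searchguard.authcz.admin_dn:
  - CN=sgadmin

searchguard.ssl.transport.keystore_filepath: CN=test-keystore.jks
searchguard.ssl.transport.keystore_password: 9eac388c9aaabec42528
searchguard.ssl.transport.truststore_filepath: truststore.jks
searchguard.ssl.transport.truststore_password: constructed-sample-pass
'@ | Set-Content -LiteralPath (Join-Path $config.FullName 'elasticsearch.yml')
# Only the keystore is copied in; the truststore is deliberately left out.
New-Item -ItemType File -Path (Join-Path $config.FullName 'CN=test-keystore.jks') | Out-Null

# $esHome stands in for JAVA_HOME so the sample runs on a machine without Java.
Test-SearchGuardSetup -EsHome $esHome -JavaHome $esHome | ForEach-Object { "PROBLEM: $_" }
Remove-Item -LiteralPath $esHome -Recurse -Force
```

On a real node, call `Test-SearchGuardSetup -EsHome C:\temp\elasticsearch-5.4.2` before starting Elasticsearch and running sgadmin.bat.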

1. So I created the certificates using the TLS certificate generator. So I need not use install_demo_configuration.sh… right?
2. And what about the sgadmin.bat/sgadmin.sh?

As per the searchguard installation steps as per the below link,

https://github.com/floragunncom/search-guard

It says to execute ./sgadmin_demo.sh also.

I am getting confused here. What are these sgadmin script files? How to run them and when to run them? Can you please provide an example here.

···

On Tue, Jun 27, 2017 at 8:42 PM, SG info@search-guard.com wrote:

Am 27.06.2017 um 10:46 schrieb vinod hy hy.vinod88@gmail.com:

Hi,

Ok. I am doing to fresh installation for searchguard plugin.

Step 1:

In my office environment,

elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12 command doesnt work.I get some connection errors.

For that, i downloaded the plugin offline from the below link,

http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.floragunn%22%20AND%20a%3A%22search-guard-5%22

i downloaded the zip version. Please confirm if its the right one.

correct

Step 2:

As per your advice, i got the certificates generated from the below link,

https://floragunn.com/tls-certificate-generator/

Now, Please tell me what to do next. You have any link which explains the steps for windows?

There is a README file contained in the zip together with the certificates.

There is nothing special for windows except that your files path look a little bit different.

Regards,

Vinod H Y

On Tue, Jun 27, 2017 at 3:10 AM, SG info@search-guard.com wrote:

The .sh scripts and the demo configuration do not work on windows normally, we recommend to generate certificates here https://floragunn.com/tls-certificate-generator/

For sgadmin however there is a .bat file suitable for windows.

Am 26.06.2017 um 19:18 schrieb vinod hy hy.vinod88@gmail.com:

Hi,

Thanks for the info. I am using the below link to follow the steps,

http://floragunncom.github.io/search-guard-docs/exampleELK.html

I have,

  1. installed the plugin using the below command,

elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12

2.Ran the sh install_demo_configuration.sh

This modified the elasticsearch.yml file with searchguard ssl paths

  1. Now ifi try to run sh sgadmin_demo.sh, I get the below error,

Error: Could not find or load main class com.floragunn.searchguard.tools.SearchGuardAdmin

Please let me know the issue here.

And also i have generated SSL certificates which i want to use here. Not the ones that got generated. Please help me with this also.

Regards,

Vinod H Y

On Mon, Jun 26, 2017 at 8:48 PM, SG info@search-guard.com wrote:

On 26.06.2017 at 12:37, vinod hy hy.vinod88@gmail.com wrote:

Hi All,

I am using ELK in my development environment and i was able to set it up properly in windows environment. The complete ELK flow is working fine and i am able to see output in kibana. Now my requirement is to secure the ELK communication using SSL certificates. I have used x-pack for the same and i was able to achieve it. Since its not free, i am exploring searchguard and i am stuck.

Where are you stuck? What have you tried, what is not working? Can you send more details and logoutput?

first of all please let me know if i can go ahead with searchguard. My application is an enterprise application. All the communication has to be made secure once the application goes to production environment.

Search Guard should be running well on Windows.

which one do you recommend. x-pack or searchguard. is only cost the difference? or is there any other difference.

Depends on the features you need. For more details about SG vs. X-Pack pls. contact us via mail or the contact form on the website (https://floragunn.com/contact/)

Pls. see also https://floragunn.com/search-guard-elasticsearch-faq/ and https://floragunn.com/searchguard-license-support/

Regards,

Vinod H Y


Thanks a lot for the information, will try to follow it and get back to you. Really appreciate your time and help here.

On Tue, Jun 27, 2017 at 9:31 PM, SG info@search-guard.com wrote:

Install Plugin (online):

C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.2-12

Or install plugin offline (download search-guard-5-5.4.2-12.zip):

C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b file:///c:\temp\search-guard-5-5.4.2-12.zip

Get certificates from floragunn TLS certificate generator and put all *.jks files into the config/ folder of elasticsearch.

Edit elasticsearch.yml and add:

searchguard.authcz.admin_dn:

  - CN=sgadmin

searchguard.ssl.transport.keystore_filepath: CN=test-keystore.jks

searchguard.ssl.transport.keystore_password: 9eac388c9aaabec42528

searchguard.ssl.transport.truststore_filepath: truststore.jks

searchguard.ssl.transport.truststore_password: 2cef95ce1fceb3927cbe

(The passwords are contained in the Readme of the certificate bundle, these here are just examples)

Start elasticsearch and wait a minute until it's started.

Make sure JAVA_HOME is set:

C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>echo %JAVA_HOME%

C:\Program Files\Java\jre1.8.0_131

If not set it to something like this:

C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>set JAVA_HOME=C:\Program Files\Java\jre1.8.0_131

Execute sgadmin to initialize Search Guard:

C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>sgadmin.bat -cd …\sgconfig -ts C:\temp\elasticsearch-5.4.2\config\truststore.jks -tspass 2cef95ce1fceb3927cbe -ks "C:\temp\elasticsearch-5.4.2\config\CN=sgadmin-keystore.jks" -kspass 44491845dcdc0279d222 -nhnv

(The passwords are contained in the Readme of the certificate bundle, these here are just examples)

You’re done


Regards,

Vinod H Y
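
A pre-flight check for the steps quoted in the message above, written as an added example (it is not part of the thread and not Search Guard's own tooling). It assumes the install path used in the thread as the default for `$EsHome`; the parameter names and messages are this example's own.

```powershell
# Added example: verifies the prerequisites from the quoted steps before sgadmin.bat is run.
# It does not inspect the certificates themselves (hostnames, validity), only the setup.
param(
    [string]$EsHome        = 'C:\temp\elasticsearch-5.4.2',  # path used in the thread; adjust
    [string]$TransportHost = 'localhost',                    # assumption: node runs locally
    [int]   $TransportPort = 9300                            # transport port sgadmin connects to
)

$configDir = Join-Path $EsHome 'config'
$ymlPath   = Join-Path $configDir 'elasticsearch.yml'
$problems  = New-Object 'System.Collections.Generic.List[string]'

# 1. sgadmin.bat needs JAVA_HOME to point at a Java installation.
if (-not $env:JAVA_HOME) {
    $problems.Add('JAVA_HOME is not set')
} elseif (-not (Test-Path (Join-Path $env:JAVA_HOME 'bin\java.exe'))) {
    $problems.Add("JAVA_HOME has no bin\java.exe: $env:JAVA_HOME")
}

# 2. The plugin must be installed, otherwise the tools folder is missing.
$sgadmin = Join-Path $EsHome 'plugins\search-guard-5\tools\sgadmin.bat'
if (-not (Test-Path $sgadmin)) {
    $problems.Add("Plugin tool not found: $sgadmin")
}

# 3. Collect the searchguard.* "key: value" lines from elasticsearch.yml.
$settings = @{}
if (Test-Path $ymlPath) {
    foreach ($line in Get-Content $ymlPath) {
        if ($line -match '^\s*(searchguard\.[\w.]+)\s*:\s*(.*)$') {
            $settings[$Matches[1]] = $Matches[2].Trim().Trim('"')
        }
    }
} else {
    $problems.Add("Missing $ymlPath")
}

$required = 'searchguard.authcz.admin_dn',
            'searchguard.ssl.transport.keystore_filepath',
            'searchguard.ssl.transport.keystore_password',
            'searchguard.ssl.transport.truststore_filepath',
            'searchguard.ssl.transport.truststore_password'
foreach ($key in $required) {
    if (-not $settings.ContainsKey($key)) {
        $problems.Add("elasticsearch.yml lacks $key")
    }
}

# 4. The keystore and truststore named in the settings must exist.
#    Relative names are resolved against the config folder, where the steps put the *.jks files.
foreach ($key in 'searchguard.ssl.transport.keystore_filepath',
                 'searchguard.ssl.transport.truststore_filepath') {
    if ($settings[$key]) {
        $file = $settings[$key]
        if (-not [System.IO.Path]::IsPathRooted($file)) {
            $file = Join-Path $configDir $file
        }
        if (-not (Test-Path -LiteralPath $file)) {
            $problems.Add("$key points to a missing file: $file")
        }
    }
}

# 5. sgadmin talks to the transport port, so the node must be started and listening.
$client = New-Object System.Net.Sockets.TcpClient
try {
    $client.Connect($TransportHost, $TransportPort)
} catch {
    $problems.Add("Nothing is listening on ${TransportHost}:$TransportPort; start Elasticsearch first")
} finally {
    $client.Close()
}

if ($problems.Count -eq 0) {
    Write-Output 'Setup checks passed; sgadmin.bat can be run.'
} else {
    $problems | ForEach-Object { Write-Output "PROBLEM: $_" }
    exit 1
}
```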

Actually I have all the setup on my office machine. I will check it tomorrow and update you. Meanwhile, I have one more doubt. I need to add openssl certificates. Is the procedure the same or does it vary?


Regards,

Vinod H Y

Hi,

I followed the steps as mentioned above. There are 2 issues I am observing,

**Issue 1:**

If I run localhost:9200 in a browser, it displays the error message below,

Search Guard not initialized (SG11). See [https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md](https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md)

In elasticsearch.log, I can see the below trace,

[2017-06-29T14:55:36,436][INFO ][c.f.s.c.IndexBaseConfigurationRepository] searchguard index does not exist yet, so no need to load config on node startup. Use sgadmin to initialize cluster

**Issue 2:**

So issue 1 is because I have not run the sgadmin command. But when I run the sgadmin command as suggested by you in your mail, I get

Cannot retrieve cluster state due to: None of the configured nodes are available: [{#transport#-1}{t_vvrQHFTruDXPcUgf3i-Q}{   localhost}{127.0.0.1:9300}]. This is not an error, will keep on trying ...
* Try running sgadmin.sh with -icl and -nhnv (If thats works you need to check your clustername as well as hostnames in your SSL certificates)
* If this is not working, try running sgadmin.sh with --diagnose and see diagnose trace log file)
15:00:52.735 [elasticsearch[_client_][transport_client_boss][T#3]] ERROR com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport - SSL Problem General SSLEngine problem

javax.net.ssl.SSLHandshakeException: General SSLEngine problem.
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching localhost found.

Then I ran the sgadmin command in diagnose mode. I am attaching the diagnose logs with the mail.

**Elasticsearch.yml file changes:**

searchguard.authcz.admin_dn:
- CN=AAEINBLR02717D
searchguard.ssl.transport.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=AAEINBLR02717D-keystore.jks
searchguard.ssl.transport.keystore_password: 36375fb609b4231e4363
searchguard.ssl.transport.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks
searchguard.ssl.transport.truststore_password: 76822cd1a1fe2a1c4b45

**Certificates readme file:**

<a class='attachment' href='//cdck-file-uploads-global.s3.dualstack.us-west-2.amazonaws.com/business5/uploads/search_guard/original/1X/8759ccbdd95d84c725235a583fcfa8aec250e161.txt'>sgadmin_diag_trace_2017-Jun-29_15-00-42.txt</a> (17.2 KB)



<details class='elided'>
<summary title='Show trimmed content'>&#183;&#183;&#183;</summary>

On Tue, Jun 27, 2017 at 9:31 PM, SG <info@search-guard.com> wrote:
> 
> Install Plugin (online):
> 
> C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.2-12
> 
> Or install plugin offline (download search-guard-5-5.4.2-12.zip):
> 
> C:\temp\elasticsearch-5.4.2>bin\elasticsearch-plugin install -b file:///c:\temp\search-guard-5-5.4.2-12.zip
> 
> Get certificates from floragunn TLS certificate generator and put all *.jks files into the config/ folder of elasticsearch.
> 
> Edit elasticsearch.yml and add:
> 
> searchguard.authcz.admin_dn:
> 
>   - CN=sgadmin
> 
> searchguard.ssl.transport.keystore_filepath: CN=test-keystore.jks
> 
> searchguard.ssl.transport.keystore_password: 9eac388c9aaabec42528
> 
> searchguard.ssl.transport.truststore_filepath: truststore.jks
> 
> searchguard.ssl.transport.truststore_password: 2cef95ce1fceb3927cbe
> 
> (The passwords are contained in the Readme of the certificate bundle, these here are just examples)
> 
> Start elasticsearch and wait a minute until it's started.
> 
> Make sure JAVA_HOME is set:
> 
> C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>echo %JAVA_HOME%
> 
> C:\Program Files\Java\jre1.8.0_131
> 
> If not, set it to something like this:
> 
> C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>set JAVA_HOME=C:\Program Files\Java\jre1.8.0_131
> 
> Execute sgadmin to initialize Search Guard:
> 
> C:\temp\elasticsearch-5.4.2\plugins\search-guard-5\tools>sgadmin.bat -cd ..\sgconfig -ts C:\temp\elasticsearch-5.4.2\config\truststore.jks -tspass 2cef95ce1fceb3927cbe -ks "C:\temp\elasticsearch-5.4.2\config\CN=sgadmin-keystore.jks" -kspass 44491845dcdc0279d222 -nhnv
> 
> (The passwords are contained in the Readme of the certificate bundle, these here are just examples)
> 
> You're done

--

Regards,

Vinod H Y

</details>

Please can anyone help me here. I am stuck.

···

On Thursday, 29 June 2017 15:14:06 UTC+5:30, vinod hy wrote:

Hi,

I followed the steps as mentioned above. There are 2 issues I am observing:

**Issue 1:**

If I run localhost:9200 in the browser, it displays the error message below:

***Search Guard not initialized (SG11). See [https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md](https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md)***

In elasticsearch.log, I can see the below trace:

***[2017-06-29T14:55:36,436][INFO ][c.f.s.c.IndexBaseConfigurationRepository] searchguard index does not exist yet, so no need to load config on node startup. Use sgadmin to initialize cluster***

**Issue 2:**

So issue 1 is because I have not run the sgadmin command. But when I run the sgadmin command as suggested by you in your mail, I get:

Cannot retrieve cluster state due to: None of the configured nodes are available: [{#transport#-1}{t_vvrQHFTruDXPcUgf3i-Q}{   localhost}{127.0.0.1:9300}]. This is not an error, will keep on trying ...
* Try running sgadmin.sh with -icl and -nhnv (If thats works you need to check your clustername as well as hostnames in your SSL certificates)
* If this is not working, try running sgadmin.sh with --diagnose and see diagnose trace log file)

15:00:52.735 [elasticsearch[_client_][transport_client_boss][T#3]] ERROR com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport - SSL Problem General SSLEngine problem

***javax.net.ssl.SSLHandshakeException: General SSLEngine problem.***

***Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching localhost found.***

Then I ran the sgadmin command in diagnose mode. I am attaching the diagnose logs with the mail.

**Elasticsearch.yml file changes:**

searchguard.authcz.admin_dn:
- CN=AAEINBLR02717D
searchguard.ssl.transport.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=AAEINBLR02717D-keystore.jks
searchguard.ssl.transport.keystore_password: 36375fb609b4231e4363
searchguard.ssl.transport.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks
searchguard.ssl.transport.truststore_password: 76822cd1a1fe2a1c4b45

**Certificates readme file:**

Passwords:
CA password: bda758dae3227ae72becb830d096d2f2af518bd5
Truststore password: 76822cd1a1fe2a1c4b45
Admin keystore password: d6cc7eda4de8bfc52430
Demouser keystore password: 77e68e3cce628545ccee
Host: AAEINBLR02717D
AAEINBLR02717D keystore password: 36375fb609b4231e4363
searchguard.authcz.admin_dn: - CN=sgadmin

**sgadmin command:**

***sgadmin.bat -cd ..\sgconfig -ts D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks -tspass 76821a1fe2a1c4b45 -ks D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=AAEINBLR02717D-keystore.jks -kspass 36375fb609b4231e4363 -nhnv --diagnose***

***Note:***

***I have manually copied the required truststore and keystore files, as mentioned in the above paths, into the elasticsearch config folder from the main certificate folder which I received from the searchguard TLS generator link.***

Please help me in understanding the issue here.

Regards,
Vinod H Y






On Tue, Jun 27, 2017 at 9:31 PM, SG info@search-guard.com wrote:

On 27.06.2017 at 10:46, vinod hy hy.vinod88@gmail.com wrote:

Hi,

Ok. I am doing a fresh installation for the searchguard plugin.

Step 1:

In my office environment,

the elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12 command doesn't work. I get some connection errors.

For that, I downloaded the plugin offline from the below link,

http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22com.floragunn%22%20AND%20a%3A%22search-guard-5%22

I downloaded the zip version. Please confirm if it's the right one.

Step 2:

As per your advice, i got the certificates generated from the below link,

https://floragunn.com/tls-certificate-generator/

Now, Please tell me what to do next. You have any link which explains the steps for windows?

Regards,

Vinod H Y

On Tue, Jun 27, 2017 at 3:10 AM, SG info@search-guard.com wrote:

The .sh scripts and the demo configuration do not work on windows normally, we recommend to generate certificates here https://floragunn.com/tls-certificate-generator/

For sgadmin however there is a .bat file suitable for windows.

On 26.06.2017 at 19:18, vinod hy hy.vinod88@gmail.com wrote:

Hi,

Thanks for the info. I am using the below link to follow the steps,

http://floragunncom.github.io/search-guard-docs/exampleELK.html

I have,

1. Installed the plugin using the below command,

elasticsearch-plugin install -b com.floragunn:search-guard-5:5.4.0-12

2. Ran the sh install_demo_configuration.sh

This modified the elasticsearch.yml file with searchguard ssl paths

3. Now if I try to run sh sgadmin_demo.sh, I get the below error,

Error: Could not find or load main class com.floragunn.searchguard.tools.SearchGuardAdmin

Please let me know the issue here.

And also i have generated SSL certificates which i want to use here. Not the ones that got generated. Please help me with this also.

Regards,

Vinod H Y

On Mon, Jun 26, 2017 at 8:48 PM, SG info@search-guard.com wrote:

On 26.06.2017 at 12:37, vinod hy hy.vinod88@gmail.com wrote:

Hi All,

I am using ELK in my development environment and i was able to set it up properly in windows environment. The complete ELK flow is working fine and i am able to see output in kibana. Now my requirement is to secure the ELK communication using SSL certificates. I have used x-pack for the same and i was able to achieve it. Since its not free, i am exploring searchguard and i am stuck.

Where are you stuck? What have you tried, what is not working? Can you send more details and log output?

first of all please let me know if i can go ahead with searchguard. My application is an enterprise application. All the communication has to be made secure once the application goes to production environment.

Search Guard should be running well on Windows.

which one do you recommend. x-pack or searchguard. is only cost the difference? or is there any other difference.

Depends on the features you need. For more details about SG vs. X-Pack pls. contact us via mail or the contact form on the website (https://floragunn.com/contact/)

Pls. see also https://floragunn.com/search-guard-elasticsearch-faq/ and https://floragunn.com/searchguard-license-support/

Regards,

Vinod H Y




Regards,

Vinod H Y
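
The procedure in this thread only works when the sgadmin command line, the certificate README and elasticsearch.yml agree with each other. The following pre-flight check is an added example, not part of the original posts and not Search Guard tooling: it compares the three before sgadmin is run. The flags (-ts, -tspass, -ks, -kspass) and setting names are the ones shown in the thread; the README layout, the `<DN>-keystore.jks` naming rule, the paths and the passwords are constructed sample input and assumptions.

```python
import re
import shlex

# Constructed sample input (not real credentials); README layout is assumed.
README = """Truststore password: ts-pass-0001
Admin keystore password: admin-pass-0002
node1 keystore password: node-pass-0003"""
YML = """searchguard.authcz.admin_dn:
  - CN=sgadmin
searchguard.ssl.transport.truststore_password: ts-pass-0001"""
GOOD = (r'sgadmin.bat -cd ..\sgconfig -ts C:\es\config\truststore.jks -tspass ts-pass-0001 '
        r'-ks "C:\es\config\CN=sgadmin-keystore.jks" -kspass admin-pass-0002 -nhnv')
BAD = (r'sgadmin.bat -cd ..\sgconfig -ts C:\es\config\truststore.jks -tspass ts-pass-001 '
       r'-ks C:\es\config\CN=node1-keystore.jks -kspass node-pass-0003 -nhnv')

def readme_values(text):
    """Map each 'label: value' README line to its value."""
    pairs = (line.split(":", 1) for line in text.splitlines() if ":" in line)
    return {k.strip(): v.strip() for k, v in pairs}

def admin_dns(yml):
    """Collect the list items under searchguard.authcz.admin_dn."""
    dns, in_block = [], False
    for line in (l.strip() for l in yml.splitlines()):
        if line.startswith("searchguard.authcz.admin_dn"):
            in_block = True
        elif in_block and line.startswith("-"):
            dns.append(line[1:].strip())
        elif line:
            in_block = False
    return dns

def check_sgadmin(cmdline, readme, yml):
    """Return mismatches between an sgadmin call, the README and the yml."""
    args = shlex.split(cmdline, posix=False)  # keep Windows backslashes intact
    opt = {a: b.strip('"') for a, b in zip(args, args[1:]) if a.startswith("-")}
    vals, problems = readme_values(readme), []
    if opt.get("-tspass") != vals.get("Truststore password"):
        problems.append("-tspass differs from the README truststore password")
    # Assumption: keystore files are named '<DN>-keystore.jks', as in the thread.
    dn = re.split(r"[\\/]", opt.get("-ks", ""))[-1].replace("-keystore.jks", "")
    if dn not in admin_dns(yml):
        problems.append(f"-ks certificate {dn} is not listed in admin_dn")
    label = "Admin keystore password" if dn == "CN=sgadmin" else f"{dn[3:]} keystore password"
    if opt.get("-kspass") != vals.get(label):
        problems.append(f"-kspass differs from the README '{label}'")
    return problems

if __name__ == "__main__":
    for name, cmd in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_sgadmin(cmd, README, YML) or "consistent")
```
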