[root@elkman ~]$ /usr/share/elasticsearch/plugins/search-guard-2/tools/sgadmin.sh -h 192.168.0.1 -p 9300 -ks /usr/share/elasticsearch/plugins/search-guard-2/sgconfig/kirk-keystore.jks -ts /usr/share/elasticsearch/plugins/search-guard-2/sgconfig/truststore.jks -kspass changeit -tspass changeit -cd /usr/share/elasticsearch/plugins/search-guard-2/sgconfig/ -cn es_cluster -sniff -us 0
Connect to 192.168.0.1:9300
[09:36:21,060][ERROR] org.elasticsearch.com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport - [Karen Page] SSL Problem General OpenSslEngine problem
javax.net.ssl.SSLHandshakeException: General OpenSslEngine problem
at io.netty.handler.ssl.OpenSslContext$AbstractCertificateVerifier.verify(OpenSslContext.java:465)
at org.apache.tomcat.jni.SSL.readFromSSL(Native Method)
at io.netty.handler.ssl.OpenSslEngine.readPlaintextData(OpenSslEngine.java:377)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:725)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:831)
at io.netty.handler.ssl.OpenSslEngine.unwrap(OpenSslEngine.java:874)
at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1218)
at org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:852)
at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:425)
at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303)
at org.jboss.netty.channel.SimpleChannelUpstreamHandler.handleUpstream(SimpleChannelUpstreamHandler.java:70)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:564)
at org.jboss.netty.channel.DefaultChannelPipeline.sendUpstream(DefaultChannelPipeline.java:559)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268)
at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255)
at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108)
at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:337)
at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89)
at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178)
at org.jboss.netty.util.ThreadRenamingRunnable.run(ThreadRenamingRunnable.java:108)
at org.jboss.netty.util.internal.DeadLockProofWorker$1.run(DeadLockProofWorker.java:42)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.security.cert.CertificateException: No subject alternative DNS name matching ip-192.168.0.1 found.
at sun.security.util.HostnameChecker.matchDNS(HostnameChecker.java:204)
at sun.security.util.HostnameChecker.match(HostnameChecker.java:95)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:455)
at sun.security.ssl.X509TrustManagerImpl.checkIdentity(X509TrustManagerImpl.java:436)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:252)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:136)
at io.netty.handler.ssl.OpenSslClientContext$1.verify(OpenSslClientContext.java:256)
at io.netty.handler.ssl.OpenSslContext$AbstractCertificateVerifier.verify(OpenSslContext.java:461)
… 24 more
ERR: Cannot connect to elasticsearch. Please refer to elasticsearch logfile for more information
Trace:
NoNodeAvailableException[None of the configured nodes are available: [{#transport#-1}{192.168.0.1}{localhost/192.168.0.1:9300}]]
at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodesAreAvailable(TransportClientNodesService.java:290)
at org.elasticsearch.client.transport.TransportClientNodesService.execute(TransportClientNodesService.java:207)
at org.elasticsearch.client.transport.support.TransportProxyClient.execute(TransportProxyClient.java:55)
at org.elasticsearch.client.transport.TransportClient.doExecute(TransportClient.java:288)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:359)
at org.elasticsearch.client.support.AbstractClient.execute(AbstractClient.java:348)
at com.floragunn.searchguard.tools.SearchGuardAdmin.main0(SearchGuardAdmin.java:250)
[root@elkman ~]$ netstat -anp | grep LISTEN | grep java
tcp6 0 0 192.168.0.1:9200 :::* LISTEN 8364/java
tcp6 0 0 192.168.0.1:9201 :::* LISTEN 8276/java
tcp6 0 0 192.168.0.1:9202 :::* LISTEN 8455/java
tcp6 0 0 192.168.0.1:9300 :::* LISTEN 8276/java
tcp6 0 0 192.168.0.1:9301 :::* LISTEN 8364/java
tcp6 0 0 192.168.0.1:9302 :::* LISTEN 8455/java
at com.floragunn.searchguard.tools.SearchGuardAdmin.main(SearchGuardAdmin.java:72)
PIDs:
8276: ES-Master Node
8364: ES-Data Node
8455: ES-SLB Node
Please help me.