Hi,
I’m using ES 7.0.1 cluster mode with 3 nodes on different servers. There are a lot of WARN: [c.f.s.s.h.n.SearchGuardSSLNettyHttpServerTransport] [uklvadsb0234] Someone (null) speaks http plaintext instead of ssl, will close the channel
in the es node logs after sg is pluged in. I also enabled debug log config but nothing special appears either.
I just followed the " demo installation" steps and nothing special configuration.
Here is the sg config in elasticsearch.yaml
######## Start Search Guard Demo Configuration ########
WARNING: revise all the lines below before you go into production
searchguard.ssl.transport.pemcert_filepath: esnode.pem
searchguard.ssl.transport.pemkey_filepath: esnode-key.pem
searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.http.enabled: true
searchguard.ssl.http.pemcert_filepath: esnode.pem
searchguard.ssl.http.pemkey_filepath: esnode-key.pem
searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem
searchguard.allow_unsafe_democertificates: true
searchguard.allow_default_init_sgindex: true
searchguard.authcz.admin_dn:
- CN=kirk,OU=client,O=client,L=test, C=de
searchguard.audit.type: internal_elasticsearch
searchguard.enable_snapshot_restore_privilege: true
searchguard.check_snapshot_restore_write_privileges: true
searchguard.restapi.roles_enabled: [“SGS_ALL_ACCESS”]
node.max_local_storage_nodes: 3
xpack.security.enabled: false
xpack.monitoring.enabled: true
######## End Search Guard Demo Configuration ########
I have no clue with it, please help with this. thank you in advance.