Hi,
When I try to integrate Search Guard with Elasticsearch I keep getting the following error
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
I use elasticsearch-7.6.1 and search-guard-7-7.6.1-40.0.0
Certificates are generated by download the certificates zip file (https://downloads.search-guard.com/resources/certificates/certificates.zip), unpacking it and placing all files in the \elasticsearch-7.6.1-windows-x86_64\elasticsearch-7.6.1\config directory
My elasticsearch.yml:
searchguard.ssl.transport.pemcert_filepath: esnode.pem
searchguard.ssl.transport.pemkey_filepath: esnode-key.pem
searchguard.ssl.transport.pemtrustedcas_filepath: root-ca.pem
searchguard.ssl.transport.enforce_hostname_verification: false
searchguard.ssl.http.enabled: true
searchguard.ssl.http.pemcert_filepath: esnode.pem
searchguard.ssl.http.pemkey_filepath: esnode-key.pem
searchguard.ssl.http.pemtrustedcas_filepath: root-ca.pem
searchguard.allow_unsafe_democertificates: true
searchguard.allow_default_init_sgindex: true
searchguard.authcz.admin_dn:
- CN=kirk,OU=client,O=client,L=test, C=de
searchguard.audit.type: internal_elasticsearch
searchguard.enable_snapshot_restore_privilege: true
searchguard.check_snapshot_restore_write_privileges: true
searchguard.restapi.roles_enabled: ["SGS_ALL_ACCESS"]
cluster.routing.allocation.disk.threshold_enabled: false
cluster.name: searchguard_demo
node.max_local_storage_nodes: 3
xpack.security.enabled: false
Am I not generating the certificate correctly? what am I doing wrong? Can anyone help me fix this problem.
Thanks in advance,