I’m trying to make clientcert auth work.
I switched on debugging, and all the client gets is a 403 and the logfile says:
Try to extract auth creds from http clientcert
I’m using a test cluster with the certs generated by example scripts.
Here’s the client command:
curl --cacert /etc/searchguard/example-pki-scripts/ca/chain-ca.pem -E /etc/searchguard/example-pki-scripts/kirk.all.pem https://node-1.example.com:9200/
Basic Auth for user kirk works fine.
Any idea where to start looking?