Unable to configure Elasticsearch https with SearchGuard

We are currently running Elasticsearch 5.4.2 in our organization. It is integrated with our intranet site (developed with ASP.NET) and is used to search some important information regarding our business.

We are planning to move our intranet site from “http” to “https”. When the intranet site runs under “https” and Elasticsearch under “http”, we receive the following error: “jquery 1.12.4.min.js:4 Mixed Content: The page at ‘https://intranet/codesearch’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://intranet:9200/code2017/_search’. This request has been blocked; the content must be served over HTTPS”

Hence, we decided to run Elasticsearch under “https” and installed X-Pack. Now the 30-day trial period of X-Pack is over. The pricing of X-Pack is high, which we can’t afford. As an alternative, we tried SearchGuard. The steps below have been taken to configure SG, but no luck.

  1. Installed Searchguard

  2. While running install_demo_configuration.sh, the following error occurs:

    read: unknown option: -p

    read: usage: read [-r] [name …]

  3. Instead of running install_demo_configuration.sh, created “keystore.jks” and “truststore.jks” manually with PowerShell (by running base64), moved them to the Elasticsearch config folder, and added the following to the elasticsearch.yml file:

    searchguard.ssl.transport.keystore_filepath: keystore.jks
    searchguard.ssl.transport.truststore_filepath: truststore.jks
    searchguard.ssl.transport.enforce_hostname_verification: false
    searchguard.ssl.http.enabled: true
    searchguard.ssl.http.keystore_filepath: keystore.jks
    searchguard.ssl.http.truststore_filepath: truststore.jks
    searchguard.authcz.admin_dn:
      - "CN=kirk,OU=client,O=client,L=test, C=de"
    network.host: 0.0.0.0
    cluster.name: searchguard_demo

  4. After that, tried to run sgadmin_demo.sh, but the following error occurs:

    Error: Could not find or load main class com.floragunn.searchguard.tools.SearchGuardAdmin

Now Elasticsearch is in a running state, but shows “Search Guard not initialized (SG11). See https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md”

Our environment is

OS: Windows Server 2012 R2

ES: elasticsearch 5.4.2

SG: searchguard 5.4.2

Java: jre1.8.0_121

Number of nodes: 1

Please help.
