I am trying to install the Search Guard Plugin to elasticstack products running with/on a docker container and my final aim is to automate this partly with a script (attached) and some commands in the dockerfile.
If I execute sgadmin a second time (manually) in the container (exact parameters given in the script), the following message appears:
Will connect to localhost:9300 ... done
Unable to check whether cluster is sane: Cannot authenticate null
Connected as CN=kirk.localhost,OU=Ops,O=localhost\, Inc.,DC=localhost
ERR: CN=kirk.localhost,OU=Ops,O=localhost\, Inc.,DC=localhost is not an admin user
Seems you use a client certificate but this one is not registered as admin_dn
Make sure elasticsearch.yml on all nodes contains:
searchguard.authcz.admin_dn:
- "CN=kirk.localhost,OU=Ops,O=localhost\, Inc.,DC=localhost"
I would be absolutly greatful for any answer. Thank you for Search Guard and your answersanyways <3
* Search Guard and Elasticsearch version
search-guard-6:6.4.2-23.1, elasticsearchversion 6.4.2
* Installed and used enterprise modules, if any
none
* JVM version and operating system version
openjdk version "1.8.0_181"
OpenJDK Runtime Environment (build 1.8.0_181-8u181-b13-0ubuntu0.16.04.1-b13)
OpenJDK 64-Bit Server VM (build 25.181-b13, mixed mode) running in a docker container
* Search Guard configuration files
attached
* Elasticsearch log messages on debug level
{"type":"log","@timestamp":"2019-01-17T17:14:26Z","tags":["warning","stats-collection"],"pid":295,"message":"Unable to fetch data from reporting collector"}
{"type":"error","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"level":"error","error":{"message":"Authentication Exception","name":"Error","stack":"Authentication Exception :: {\"path\":\"/.kibana/_search\",\"query\":{\"ignore_unavailable\":true,\"filter_path\":\"aggregations.types.buckets\"},\"body\":\"{\\\"size\\\":0,\\\"query\\\":{\\\"terms\\\":{\\\"type\\\":[\\\"dashboard\\\",\\\"visualization\\\",\\\"search\\\",\\\"index-pattern\\\",\\\"graph-workspace\\\",\\\"timelion-sheet\\\"]}},\\\"aggs\\\":{\\\"types\\\":{\\\"terms\\\":{\\\"field\\\":\\\"type\\\",\\\"size\\\":6}}}}\",\"statusCode\":401,\"response\":\"Unauthorized\",\"wwwAuthenticateDirective\":\"Basic realm=\\\"Search Guard\\\"\"}\n at respond (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:307:15)\n at checkRespForFailure (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:266:7)\n at HttpConnector.<anonymous> (/opt/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:159:7)\n at IncomingMessage.bound (/opt/kibana/node_modules/elasticsearch/node_modules/lodash/dist/lodash.js:729:21)\n at emitNone (events.js:111:20)\n at IncomingMessage.emit (events.js:208:7)\n at endReadableNT (_stream_readable.js:1064:12)\n at _combinedTickCallback (internal/process/next_tick.js:138:11)\n at process._tickCallback (internal/process/next_tick.js:180:9)"},"message":"Authentication Exception"}
{"type":"log","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"message":"Unable to fetch data from kibana collector"}
{"type":"error","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"level":"error","error":{"message":"Authentication Exception","name":"Error","stack":"Authentication Exception :: {\"path\":\"/.kibana/doc/config%3A6.4.2\",\"query\":{},\"statusCode\":401,\"response\":\"Unauthorized\",\"wwwAuthenticateDirective\":\"Basic realm=\\\"Search Guard\\\"\"}\n at respond (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:307:15)\n at checkRespForFailure (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:266:7)\n at HttpConnector.<anonymous> (/opt/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:159:7)\n at IncomingMessage.bound (/opt/kibana/node_modules/elasticsearch/node_modules/lodash/dist/lodash.js:729:21)\n at emitNone (events.js:111:20)\n at IncomingMessage.emit (events.js:208:7)\n at endReadableNT (_stream_readable.js:1064:12)\n at _combinedTickCallback (internal/process/next_tick.js:138:11)\n at process._tickCallback (internal/process/next_tick.js:180:9)"},"message":"Authentication Exception"}
{"type":"log","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"message":"Unable to fetch data from kibana_settings collector"}
{"type":"error","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"level":"error","error":{"message":"Authentication Exception","name":"Error","stack":"Authentication Exception :: {\"path\":\"/.reporting-*/_search\",\"query\":{\"filter_path\":\"hits.total,aggregations.jobTypes.buckets,aggregations.objectTypes.buckets,aggregations.layoutTypes.buckets,aggregations.statusTypes.buckets\"},\"body\":\"{\\\"size\\\":0,\\\"aggs\\\":{\\\"jobTypes\\\":{\\\"terms\\\":{\\\"field\\\":\\\"jobtype\\\",\\\"size\\\":2}},\\\"objectTypes\\\":{\\\"terms\\\":{\\\"field\\\":\\\"meta.objectType.keyword\\\",\\\"size\\\":3}},\\\"layoutTypes\\\":{\\\"terms\\\":{\\\"field\\\":\\\"meta.layout.keyword\\\",\\\"size\\\":3}},\\\"statusTypes\\\":{\\\"terms\\\":{\\\"field\\\":\\\"status\\\",\\\"size\\\":4}}}}\",\"statusCode\":401,\"response\":\"Unauthorized\",\"wwwAuthenticateDirective\":\"Basic realm=\\\"Search Guard\\\"\"}\n at respond (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:307:15)\n at checkRespForFailure (/opt/kibana/node_modules/elasticsearch/src/lib/transport.js:266:7)\n at HttpConnector.<anonymous> (/opt/kibana/node_modules/elasticsearch/src/lib/connectors/http.js:159:7)\n at IncomingMessage.bound (/opt/kibana/node_modules/elasticsearch/node_modules/lodash/dist/lodash.js:729:21)\n at emitNone (events.js:111:20)\n at IncomingMessage.emit (events.js:208:7)\n at endReadableNT (_stream_readable.js:1064:12)\n at _combinedTickCallback (internal/process/next_tick.js:138:11)\n at process._tickCallback (internal/process/next_tick.js:180:9)"},"message":"Authentication Exception"}
{"type":"log","@timestamp":"2019-01-17T17:14:36Z","tags":["warning","stats-collection"],"pid":295,"message":"Unable to fetch data from reporting collector"}