Search Guard Error
570 views
Skip to first unread message
soporte...@gmail.com
Apr 14, 2016, 4:05:00 PM4/14/16
to Search Guard
I installed searchguard in a clean elasticsearch.
but when i start the service, the service stop in 1 sec.
the elasticsearch.log :
[2016-04-14 20:00:30,467][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
[2016-04-14 20:00:30,639][INFO ][node ] [Ord] version[2.3.1], pid[16177], build[bd98092/2016-04-04T12:25:05Z]
[2016-04-14 20:00:30,744][INFO ][node ] [Ord] initializing ...
[2016-04-14 20:00:31,450][ERROR][bootstrap ] Exception
ElasticsearchException[Failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]]; nested: InvocationTargetException; nested: IllegalStateException[SearchGuardSSLPlugin must be be installed];
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:483)
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:432)
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:129)
at org.elasticsearch.node.Node.<init>(Node.java:158)
at org.elasticsearch.node.Node.<init>(Node.java:140)
at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:143)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:178)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:472)
... 8 more
Caused by: java.lang.IllegalStateException: SearchGuardSSLPlugin must be be installed
at com.floragunn.searchguard.SearchGuardPlugin.checkSSLPluginAvailable(SearchGuardPlugin.java:138)
at com.floragunn.searchguard.SearchGuardPlugin.<init>(SearchGuardPlugin.java:56)
... 13 more
Thanks
but when i start the service, the service stop in 1 sec.
the elasticsearch.log :
[2016-04-14 20:00:30,467][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
[2016-04-14 20:00:30,639][INFO ][node ] [Ord] version[2.3.1], pid[16177], build[bd98092/2016-04-04T12:25:05Z]
[2016-04-14 20:00:30,744][INFO ][node ] [Ord] initializing ...
[2016-04-14 20:00:31,450][ERROR][bootstrap ] Exception
ElasticsearchException[Failed to load plugin class [com.floragunn.searchguard.SearchGuardPlugin]]; nested: InvocationTargetException; nested: IllegalStateException[SearchGuardSSLPlugin must be be installed];
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:483)
at org.elasticsearch.plugins.PluginsService.loadBundles(PluginsService.java:432)
at org.elasticsearch.plugins.PluginsService.<init>(PluginsService.java:129)
at org.elasticsearch.node.Node.<init>(Node.java:158)
at org.elasticsearch.node.Node.<init>(Node.java:140)
at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:143)
at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:178)
at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at org.elasticsearch.plugins.PluginsService.loadPlugin(PluginsService.java:472)
... 8 more
Caused by: java.lang.IllegalStateException: SearchGuardSSLPlugin must be be installed
at com.floragunn.searchguard.SearchGuardPlugin.checkSSLPluginAvailable(SearchGuardPlugin.java:138)
at com.floragunn.searchguard.SearchGuardPlugin.<init>(SearchGuardPlugin.java:56)
... 13 more
Thanks
soporte...@gmail.com
Apr 18, 2016, 12:39:31 PM4/18/16
to Search Guard
I reinstal Step by step, and in this step i get this:
# plugins/search-guard-2/tools/sgadmin.sh -cd plugins/search-guard-2/sgconfig/ -ks plugins/search-guard-2/sgconfig/keystore.jks -ts plugins/search-guard-2/sgconfig/truststore.jks -nhnv
-bash: plugins/search-guard-2/tools/sgadmin.sh: Permission denied
what permissions????
# plugins/search-guard-2/tools/sgadmin.sh -cd plugins/search-guard-2/sgconfig/ -ks plugins/search-guard-2/sgconfig/keystore.jks -ts plugins/search-guard-2/sgconfig/truststore.jks -nhnv
-bash: plugins/search-guard-2/tools/sgadmin.sh: Permission denied
what permissions????
SG
Apr 19, 2016, 3:59:12 AM4/19/16
to search...@googlegroups.com
you missed
chmod +x plugins/search-guard-2/tools/sgadmin.sh
(the shell script is not executable, the "Permission denied" is a error message from your shell)
> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/492fbbb3-07dc-47e5-8f78-bae8e6a1675c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
chmod +x plugins/search-guard-2/tools/sgadmin.sh
(the shell script is not executable, the "Permission denied" is a error message from your shell)
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/492fbbb3-07dc-47e5-8f78-bae8e6a1675c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
soporte...@gmail.com
Apr 19, 2016, 10:55:28 AM4/19/16
to Search Guard
Thanks You!-
thats work!
no i have this error, i try to give permissions to the folder and file but nothing happened.
this is the ERROR:
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN No appenders could be found for logger (common).
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN Please initialize the log4j system properly.
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Apr 19 14:54:37 usve77073 elasticsearch: Exception in thread "main" ElasticsearchException[Failed to load logging configuration]; nested: AccessDeniedException[/etc/elasticsearch/ca/signing-ca/private];
Apr 19 14:54:37 usve77073 elasticsearch: Likely root cause: java.nio.file.AccessDeniedException: /etc/elasticsearch/ca/signing-ca/private
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixFileSystemProvider.newDirectoryStream(UnixFileSystemProvider.java:427)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.Files.newDirectoryStream(Files.java:457)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.FileTreeWalker.visit(FileTreeWalker.java:300)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.FileTreeWalker.next(FileTreeWalker.java:372)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.Files.walkFileTree(Files.java:2706)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.common.logging.log4j.LogConfigurator.resolveConfig(LogConfigurator.java:142)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.common.logging.log4j.LogConfigurator.configure(LogConfigurator.java:103)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:243)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Apr 19 14:54:37 usve77073 elasticsearch: Refer to the log for complete error details.
thats work!
no i have this error, i try to give permissions to the folder and file but nothing happened.
this is the ERROR:
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN No appenders could be found for logger (common).
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN Please initialize the log4j system properly.
Apr 19 14:54:37 usve77073 elasticsearch: log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Apr 19 14:54:37 usve77073 elasticsearch: Exception in thread "main" ElasticsearchException[Failed to load logging configuration]; nested: AccessDeniedException[/etc/elasticsearch/ca/signing-ca/private];
Apr 19 14:54:37 usve77073 elasticsearch: Likely root cause: java.nio.file.AccessDeniedException: /etc/elasticsearch/ca/signing-ca/private
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.translateToIOException(UnixException.java:84)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:102)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixException.rethrowAsIOException(UnixException.java:107)
Apr 19 14:54:37 usve77073 elasticsearch: at sun.nio.fs.UnixFileSystemProvider.newDirectoryStream(UnixFileSystemProvider.java:427)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.Files.newDirectoryStream(Files.java:457)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.FileTreeWalker.visit(FileTreeWalker.java:300)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.FileTreeWalker.next(FileTreeWalker.java:372)
Apr 19 14:54:37 usve77073 elasticsearch: at java.nio.file.Files.walkFileTree(Files.java:2706)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.common.logging.log4j.LogConfigurator.resolveConfig(LogConfigurator.java:142)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.common.logging.log4j.LogConfigurator.configure(LogConfigurator.java:103)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:243)
Apr 19 14:54:37 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Apr 19 14:54:37 usve77073 elasticsearch: Refer to the log for complete error details.
soporte...@gmail.com
Apr 21, 2016, 11:02:10 AM4/21/16
to Search Guard
i can solve some things.. but the elastic dont start,
the error:
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN No appenders could be found for logger (common).
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN Please initialize the log4j system properly.
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,228][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,384][INFO ][node ] [Deathurge] version[2.3.1], pid[12243], build[bd98092/2016-04-04T12:25:05Z]
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,384][INFO ][node ] [Deathurge] initializing ...
Apr 21 14:56:50 usve77073 elasticsearch: ************************************************
Apr 21 14:56:50 usve77073 elasticsearch: This is alpha software, do not use in production
Apr 21 14:56:50 usve77073 elasticsearch: ************************************************
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,026][INFO ][plugins ] [Deathurge] modules [reindex, lang-expression, lang-groovy], plugins [search-guard-ssl, search-guard-2], sites []
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][INFO ][env ] [Deathurge] using [1] data paths, mounts [[/ (/dev/vzfs)]], net usable_space [375.3gb], net total_space [400gb], spins? [possibly], types [reiserfs]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][INFO ][env ] [Deathurge] heap size [989.8mb], compressed ordinary object pointers [true]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][WARN ][env ] [Deathurge] max file descriptors [65535] for elasticsearch process likely too low, consider increasing to at least [65536]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,103][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: org.apache.tomcat.jni.SSL
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,104][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,104][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Effective settings:
Apr 21 14:56:50 usve77073 elasticsearch: client.type=node
Apr 21 14:56:50 usve77073 elasticsearch: cluster.name=elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: config.ignore_system_properties=true
Apr 21 14:56:50 usve77073 elasticsearch: name=Deathurge
Apr 21 14:56:50 usve77073 elasticsearch: path.conf=/etc/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.data=/var/lib/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.home=/usr/share/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.logs=/var/log/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: pidfile=/var/run/elasticsearch/elasticsearch.pid
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.enabled=true
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_filepath=/etc/elasticsearch/instore-keystore.jks
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_password=*********
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_type=JKS
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_filepath=/etc/elasticsearch/truststore.jks
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_password=*********
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_type=JKS
Apr 21 14:56:50 usve77073 elasticsearch: security.manager.enabled=false
Apr 21 14:56:50 usve77073 elasticsearch: Exception in thread "main" ElasticsearchException[Cannot recover key]; nested: UnrecoverableKeyException[Cannot recover key];
Apr 21 14:56:50 usve77073 elasticsearch: Likely root cause: java.security.UnrecoverableKeyException: Cannot recover key
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
Apr 21 14:56:50 usve77073 elasticsearch: at java.security.KeyStore.getKey(KeyStore.java:1023)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.util.SSLCertificateHelper.exportDecryptedKey(SSLCertificateHelper.java:84)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:192)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardKeyStore.<init>(SearchGuardKeyStore.java:132)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardSSLModule.<init>(SearchGuardSSLModule.java:29)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardSSLPlugin.nodeModules(SearchGuardSSLPlugin.java:113)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.plugins.PluginsService.nodeModules(PluginsService.java:263)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.Node.<init>(Node.java:179)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.Node.<init>(Node.java:140)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:143)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:178)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Apr 21 14:56:50 usve77073 elasticsearch: Refer to the log for complete error details.
the error:
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN No appenders could be found for logger (common).
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN Please initialize the log4j system properly.
Apr 21 14:56:48 usve77073 elasticsearch: log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more info.
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,228][WARN ][bootstrap ] unable to install syscall filter: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,384][INFO ][node ] [Deathurge] version[2.3.1], pid[12243], build[bd98092/2016-04-04T12:25:05Z]
Apr 21 14:56:49 usve77073 elasticsearch: [2016-04-21 14:56:49,384][INFO ][node ] [Deathurge] initializing ...
Apr 21 14:56:50 usve77073 elasticsearch: ************************************************
Apr 21 14:56:50 usve77073 elasticsearch: This is alpha software, do not use in production
Apr 21 14:56:50 usve77073 elasticsearch: ************************************************
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,026][INFO ][plugins ] [Deathurge] modules [reindex, lang-expression, lang-groovy], plugins [search-guard-ssl, search-guard-2], sites []
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][INFO ][env ] [Deathurge] using [1] data paths, mounts [[/ (/dev/vzfs)]], net usable_space [375.3gb], net total_space [400gb], spins? [possibly], types [reiserfs]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][INFO ][env ] [Deathurge] heap size [989.8mb], compressed ordinary object pointers [true]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,053][WARN ][env ] [Deathurge] max file descriptors [65535] for elasticsearch process likely too low, consider increasing to at least [65536]
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,103][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL not available (this is not an error, we simply fallback to built-in JDK SSL) because of java.lang.ClassNotFoundException: org.apache.tomcat.jni.SSL
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,104][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Config directory is /etc/elasticsearch/, from there the key- and truststore files are resolved relatively
Apr 21 14:56:50 usve77073 elasticsearch: [2016-04-21 14:56:50,104][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Effective settings:
Apr 21 14:56:50 usve77073 elasticsearch: client.type=node
Apr 21 14:56:50 usve77073 elasticsearch: cluster.name=elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: config.ignore_system_properties=true
Apr 21 14:56:50 usve77073 elasticsearch: name=Deathurge
Apr 21 14:56:50 usve77073 elasticsearch: path.conf=/etc/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.data=/var/lib/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.home=/usr/share/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: path.logs=/var/log/elasticsearch
Apr 21 14:56:50 usve77073 elasticsearch: pidfile=/var/run/elasticsearch/elasticsearch.pid
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.enabled=true
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_filepath=/etc/elasticsearch/instore-keystore.jks
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_password=*********
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.keystore_type=JKS
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_filepath=/etc/elasticsearch/truststore.jks
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_password=*********
Apr 21 14:56:50 usve77073 elasticsearch: searchguard.ssl.transport.truststore_type=JKS
Apr 21 14:56:50 usve77073 elasticsearch: security.manager.enabled=false
Apr 21 14:56:50 usve77073 elasticsearch: Exception in thread "main" ElasticsearchException[Cannot recover key]; nested: UnrecoverableKeyException[Cannot recover key];
Apr 21 14:56:50 usve77073 elasticsearch: Likely root cause: java.security.UnrecoverableKeyException: Cannot recover key
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.KeyProtector.recover(KeyProtector.java:328)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore.engineGetKey(JavaKeyStore.java:146)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore$JKS.engineGetKey(JavaKeyStore.java:56)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.KeyStoreDelegator.engineGetKey(KeyStoreDelegator.java:96)
Apr 21 14:56:50 usve77073 elasticsearch: at sun.security.provider.JavaKeyStore$DualFormatJKS.engineGetKey(JavaKeyStore.java:70)
Apr 21 14:56:50 usve77073 elasticsearch: at java.security.KeyStore.getKey(KeyStore.java:1023)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.util.SSLCertificateHelper.exportDecryptedKey(SSLCertificateHelper.java:84)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:192)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardKeyStore.<init>(SearchGuardKeyStore.java:132)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardSSLModule.<init>(SearchGuardSSLModule.java:29)
Apr 21 14:56:50 usve77073 elasticsearch: at com.floragunn.searchguard.ssl.SearchGuardSSLPlugin.nodeModules(SearchGuardSSLPlugin.java:113)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.plugins.PluginsService.nodeModules(PluginsService.java:263)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.Node.<init>(Node.java:179)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.Node.<init>(Node.java:140)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.node.NodeBuilder.build(NodeBuilder.java:143)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:178)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:270)
Apr 21 14:56:50 usve77073 elasticsearch: at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:35)
Apr 21 14:56:50 usve77073 elasticsearch: Refer to the log for complete error details.
Reply all
Reply to author
Forward
0 new messages