sgadmin.bat doesnt connect to elasticsearch

[vinod hy]

Hi,

I got the TLS certificates generated from the searchguard TLS certificate generator link.

Initially i performed the following configuration changes,

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=localhost-keystore.jks

searchguard.ssl.http.keystore_password: 221749a2add117cf889f

searchguard.ssl.http.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks 

searchguard.ssl.http.truststore_password: 6d6cf1cc017dc874960b 

searchguard.authcz.admin_dn:                                

  - CN=sgadmin 

searchguard.ssl.transport.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=localhost-keystore.jks

searchguard.ssl.transport.keystore_password: 221749a2add117cf889f 

searchguard.ssl.transport.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks 

searchguard.ssl.transport.truststore_password: 6d6cf1cc017dc874960b

Now i am trying to run the sgadmin.bat as below,

sgadmin.bat -cd ..\sgconfig -ts D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks -tspass 6d6cf1cc017dc874960b -ks D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=localhost-keystore.jks -kspass 221749a2add117cf889f –nhnv

The command successfully got executed. 

In kibana.yml, i made the following changes,

elasticsearch.url: "https://localhost:9200" 

elasticsearch.username: "admin"

elasticsearch.password: "admin"

elasticsearch.ssl.certificateAuthorities: [ "D:/Softwares/ELK/elasticsearch-5.4.0/elasticsearch-5.4.0/config/root-ca.crt" ]

kibana is able to connect to elasticsearch.

My issue:

Now in elasticsearch.yml, i have made below changes,

 

network.host: AAEINBLR02717D

searchguard.ssl.http.enabled: true

searchguard.ssl.http.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=AAEINBLR02717D-keystore.jks

searchguard.ssl.http.keystore_password: 02d9b43a58d6e1060368

searchguard.ssl.http.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks 

searchguard.ssl.http.truststore_password: c0659bb0b83d0afae81e 

searchguard.authcz.admin_dn:                                

  - CN=sgadmin 

searchguard.ssl.transport.keystore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\CN=AAEINBLR02717D-keystore.jks

searchguard.ssl.transport.keystore_password: 02d9b43a58d6e1060368 

searchguard.ssl.transport.truststore_filepath: D:\Softwares\ELK\elasticsearch-5.4.0\elasticsearch-5.4.0\config\truststore.jks 

searchguard.ssl.transport.truststore_password: c0659bb0b83d0afae81e

I am getting the below error,

Search Guard Admin v5

Will connect to localhost:9300

ERR: Seems there is no elasticsearch running on localhost:9300 - Will exit

Q1:why so.. 

Does it default connect to localhost only? 

Q2:f it allows only localhost, its difficult to connect. Only locally running logstash can connect to elasticsearch.

how can logstash residing on other machine communicate to elasticsearch residing on other machine.

[SG]

There is a bunch of parameters for sgadmin, one is --hostname or -h to run it against an other host than localhost
Just run sgadmin.sh without any parameters to get help (as for any other command line tool too)

You may also read the docs https://github.com/floragunncom/search-guard-docs/blob/master/sgadmin.md where all this is explained in detail

> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/5211d96b-77e7-4451-bda4-6225fb927d7d%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.