Unfortunately, it does not want to work for me :-(
Spent a lot of time trying though.
Any idea why the handshake is not happening?
Thanx,
--mike
************************************************
This is alpha software, do not use in production
************************************************
[2016-01-08 16:05:37,447][INFO ][plugins ] [Alcmena] loaded [search-guard-ssl, search-guard-2], sites [head]
[2016-01-08 16:05:37,464][INFO ][env ] [Alcmena] using [1] data paths, mounts [[/home/mike (/home/mike/.Private)]], net usable_space [85.9gb], net total_space [149.2gb], spins? [possibly], types [ecryptfs]
[2016-01-08 16:05:37,522][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL OpenSSL 1.0.1f 6 Jan 2014 available
[2016-01-08 16:05:37,522][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL available ciphers [ECDHE-RSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, ECDHE-ECDSA-AES256-SHA, SRP-DSS-AES-256-CBC-SHA, SRP-RSA-AES-256-CBC-SHA, SRP-AES-256-CBC-SHA, DHE-DSS-AES256-GCM-SHA384, DHE-RSA-AES256-GCM-SHA384, DHE-RSA-AES256-SHA256, DHE-DSS-AES256-SHA256, DHE-RSA-AES256-SHA, DHE-DSS-AES256-SHA, DHE-RSA-CAMELLIA256-SHA, DHE-DSS-CAMELLIA256-SHA, AECDH-AES256-SHA, ADH-AES256-GCM-SHA384, ADH-AES256-SHA256, ADH-AES256-SHA, ADH-CAMELLIA256-SHA, ECDH-RSA-AES256-GCM-SHA384, ECDH-ECDSA-AES256-GCM-SHA384, ECDH-RSA-AES256-SHA384, ECDH-ECDSA-AES256-SHA384, ECDH-RSA-AES256-SHA, ECDH-ECDSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, CAMELLIA256-SHA, PSK-AES256-CBC-SHA, ECDHE-RSA-DES-CBC3-SHA, ECDHE-ECDSA-DES-CBC3-SHA, SRP-DSS-3DES-EDE-CBC-SHA, SRP-RSA-3DES-EDE-CBC-SHA, SRP-3DES-EDE-CBC-SHA, EDH-RSA-DES-CBC3-SHA, EDH-DSS-DES-CBC3-SHA, AECDH-DES-CBC3-SHA, ADH-DES-CBC3-SHA, ECDH-RSA-DES-CBC3-SHA, ECDH-ECDSA-DES-CBC3-SHA, DES-CBC3-SHA, PSK-3DES-EDE-CBC-SHA, ECDHE-RSA-AES128-GCM-SHA256, ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-RSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, ECDHE-ECDSA-AES128-SHA, SRP-DSS-AES-128-CBC-SHA, SRP-RSA-AES-128-CBC-SHA, SRP-AES-128-CBC-SHA, DHE-DSS-AES128-GCM-SHA256, DHE-RSA-AES128-GCM-SHA256, DHE-RSA-AES128-SHA256, DHE-DSS-AES128-SHA256, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA, DHE-RSA-SEED-SHA, DHE-DSS-SEED-SHA, DHE-RSA-CAMELLIA128-SHA, DHE-DSS-CAMELLIA128-SHA, AECDH-AES128-SHA, ADH-AES128-GCM-SHA256, ADH-AES128-SHA256, ADH-AES128-SHA, ADH-SEED-SHA, ADH-CAMELLIA128-SHA, ECDH-RSA-AES128-GCM-SHA256, ECDH-ECDSA-AES128-GCM-SHA256, ECDH-RSA-AES128-SHA256, ECDH-ECDSA-AES128-SHA256, ECDH-RSA-AES128-SHA, ECDH-ECDSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, SEED-SHA, CAMELLIA128-SHA, PSK-AES128-CBC-SHA, ECDHE-RSA-RC4-SHA, ECDHE-ECDSA-RC4-SHA, AECDH-RC4-SHA, ADH-RC4-MD5, ECDH-RSA-RC4-SHA, ECDH-ECDSA-RC4-SHA, RC4-SHA, RC4-MD5, PSK-RC4-SHA, EDH-RSA-DES-CBC-SHA, EDH-DSS-DES-CBC-SHA, ADH-DES-CBC-SHA, DES-CBC-SHA, EXP-EDH-RSA-DES-CBC-SHA, EXP-EDH-DSS-DES-CBC-SHA, EXP-ADH-DES-CBC-SHA, EXP-DES-CBC-SHA, EXP-RC2-CBC-MD5, EXP-ADH-RC4-MD5, EXP-RC4-MD5]
[2016-01-08 16:05:37,522][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL ALPN supported false
[2016-01-08 16:05:37,540][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslTransportClientProvider:OPENSSL
[2016-01-08 16:05:37,540][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslTransportServerProvider:OPENSSL
[2016-01-08 16:05:37,540][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] sslHTTPProvider:null
[2016-01-08 16:05:37,576][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] isOpenSSL:true
[2016-01-08 16:05:37,576][INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] isJDKSSL:false
[2016-01-08 16:05:37,804][INFO ][transport ] [Alcmena] Using [com.floragunn.searchguard.transport.SearchGuardTransportService] as transport service, overridden by [search-guard2]
[2016-01-08 16:05:37,805][INFO ][transport ] [Alcmena] Using [com.floragunn.searchguard.ssl.transport.SearchGuardSSLNettyTransport] as transport, overridden by [search-guard-ssl]
[2016-01-08 16:05:38,669][INFO ][node ] [Alcmena] initialized
[2016-01-08 16:05:38,670][INFO ][node ] [Alcmena] starting ...
[2016-01-08 16:05:38,743][INFO ][com.floragunn.searchguard.transport.SearchGuardTransportService] [Alcmena] publish_address {
127.0.0.1:9300}, bound_addresses {
127.0.0.1:9300}, {[::1]:9300}
[2016-01-08 16:05:38,749][DEBUG][action.admin.cluster.health] [Alcmena] no known master node, scheduling a retry
[2016-01-08 16:05:38,749][INFO ][discovery ] [Alcmena] elasticsearch/0MAXxFqgRaq3rYT2-sBoYw
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : handshake status: NOT_HANDSHAKING
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : handshake session: io.netty.handler.ssl.OpenSslEngine$OpenSslSession@7c5f9760
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : peer host: null
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : peer port: -1
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : task: null
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : sup protocols nb: 6
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : mode: false
[2016-01-08 16:05:38,946][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] SslHandler found : protocol: TLSv1.2
[2016-01-08 16:05:38,947][ERROR][com.floragunn.searchguard.ssl.transport.SearchGuardSSLTransportService$Interceptor] Can not verify SSL peer (SG 13) due to javax.net.ssl.SSLPeerUnverifiedException: peer not verified
javax.net.ssl.SSLPeerUnverifiedException: peer not verified
at io.netty.handler.ssl.OpenSslEngine$OpenSslSession.getPeerCertificates(OpenSslEngine.java:1626)