TSLtool doesn't create nodes sertificate

44 views
Skip to first unread message

Sergey Murashov

unread,
Apr 24, 2018, 8:50:17 AM4/24/18
to Search Guard Community Forum
When asking questions, please provide the following information:

* Search Guard and Elasticsearch version 6.2.2
* JVM version and operating system version  build 1.8.0_161-b12
* Search Guard configuration files

I has root-ca.pem and .key in ./out folder.
When I write ./sgtlstool.sh -c ../config/test.yml -crt:

Exception in thread "main" java.lang.NullPointerException
at com.floragunn.searchguard.tools.tlstool.tasks.LoadCa.<init>(LoadCa.java:51)
at com.floragunn.searchguard.tools.tlstool.SearchGuardTlsTool.run(SearchGuardTlsTool.java:184)
at com.floragunn.searchguard.tools.tlstool.SearchGuardTlsTool.main(SearchGuardTlsTool.java:65)
and node certs not created.

test.yml:
ca:
   root:
#      dn: CN=Taxnet Root CA,OU=Taxnet Root CA,O=Taxnet Root CA
#      keysize: 2048
#      validityDays: 3650
      pkPassword: GO0FNhUQGURr
      file: root-ca.pem
defaults:
      validityDays: 3650
      pkPassword: auto
      generatedPasswordLength: 12
      httpsEnabled: true
      reuseTransportCertificatesForHttp: true
nodes:
#  - name: logstash.taxnet.ru
#    dn: CN=logstash.taxnet.ru
#    dns: logstash.taxnet.ru
#  - name: elastic1
#    dn: CN=elastic1
#    dns: elastic1
#  - name: elastic2
#    dn: CN=elastic2
#    dns: elastic2 
#  - name: elastic3
#    dn: CN=elastic3
#    dns: elastic3
#  - name: elastic4
#    dn: CN=elastic4
#    dns: elastic4
  - name: elastic-netflow
    dn: CN=elastic-netflow
    dns: elastic-netflow
#clients:
#   - name: sgadmin
#     dn: CN=sgadmin
#     admin: true
#   - name: user
#     dn: CN=user
#   - name: logstash
#     dn: CN=logstash
#     admin: true   

Jochen Kressin

unread,
Apr 25, 2018, 1:53:08 AM4/25/18
to Search Guard Community Forum
That might be an issue with the 1.1 release of the tool. Can I ask you to try again with v1.2. (just released):

Sergey Murashov

unread,
Apr 25, 2018, 1:51:48 PM4/25/18
to Search Guard Community Forum
Thank you. It's work!!)

Dave Bour

unread,
Apr 25, 2018, 5:16:21 PM4/25/18
to search...@googlegroups.com

On Wed, Apr 25, 2018, 13:51 Sergey Murashov <sergey....@gmail.com> wrote:
Thank you. It's work!!)

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
To post to this group, send email to search...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/a04e56e5-5d9a-473e-9f18-efc3ff2166e0%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages