Keystore was tampered with, or password was incorrect when running sgadmin

[bujar metaj]

Hi,

I am getting this error when running 'sgadmin.sh':

searchguard.authcz.admin_dn:

  - cn=admin,ou=Test,ou=ou,dc=company,dc=com

  - cn=smith,ou=IT,ou=IT,dc=company,dc=com

./sgadmin.sh -cd ../sgconfig/ -ks ../sgconfig/admin-keystore.jks -ts ../sgconfig/truststore.jks  -nhnv

ERR: An unexpected ElasticsearchSecurityException occured: Error while initializing transport SSL layer: java.io.IOException: Keystore was tampered with, or password was incorrect

Trace:

ElasticsearchSecurityException[Error while initializing transport SSL layer: java.io.IOException: Keystore was tampered with, or password was incorrect]; nested: IOException[Keystore was tampered with, or password was incorrect]; nested: UnrecoverableKeyException[Password verification failed];

at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:262)

at com.floragunn.searchguard.ssl.SearchGuardKeyStore.<init>(SearchGuardKeyStore.java:139)

at com.floragunn.searchguard.ssl.SearchGuardSSLModule.<init>(SearchGuardSSLModule.java:29)

at com.floragunn.searchguard.ssl.SearchGuardSSLPlugin.nodeModules(SearchGuardSSLPlugin.java:128)

at org.elasticsearch.plugins.PluginsService.nodeModules(PluginsService.java:263)

at org.elasticsearch.client.transport.TransportClient$Builder.build(TransportClient.java:139)

at com.floragunn.searchguard.tools.SearchGuardAdmin.main0(SearchGuardAdmin.java:245)

at com.floragunn.searchguard.tools.SearchGuardAdmin.main(SearchGuardAdmin.java:72)

Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect

at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:780)

at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:56)

at sun.security.provider.KeyStoreDelegator.engineLoad(KeyStoreDelegator.java:224)

at sun.security.provider.JavaKeyStore$DualFormatJKS.engineLoad(JavaKeyStore.java:70)

at java.security.KeyStore.load(KeyStore.java:1445)

at com.floragunn.searchguard.ssl.SearchGuardKeyStore.initSSLConfig(SearchGuardKeyStore.java:208)

... 7 more

Caused by: java.security.UnrecoverableKeyException: Password verification failed

at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:778)

... 12 more

can somebody tell me what are the following: 

 - cn 

 - ou

 - ou

 - dc

 - dc 

Many thanks

B 

[in...@search-guard.com]

The error message is quite clear:

Caused by: java.security.UnrecoverableKeyException: Password verification failed

You did not provide the passwords for the key- and truststore. Pls. use these command line options to set them:

   -kspass <password for keystore> 
   -tspass <password for truststore> 

The cn, ou etc. are the name parts of the DN (distinguished name) of your TLS certificate. You define them when generating the cert.