Home > Mobile >  Elasticsearch showing received plaintext http traffic on an https channel in console
Elasticsearch showing received plaintext http traffic on an https channel in console

Time:03-17

I am trying to setup elasticsearch in my Windows system but when I am trying to run it its starting up and showing below reponse when I redirect to http://localhost:9200.

{
  "name" : "DESKTOP-L8UKCFI",
  "cluster_name" : "elasticsearch",
  "cluster_uuid" : "z8IfZcFaQfSti3P4jhZxbg",
 "version" : {
   "number" : "8.1.0",
   "build_flavor" : "default",
   "build_type" : "zip",
   "build_hash" : "3700f7679f7d95e36da0b43762189bab189bc53a",
   "build_date" : "2022-03-03T14:20:00.690422633Z",
   "build_snapshot" : false,
   "lucene_version" : "9.0.0",
   "minimum_wire_compatibility_version" : "7.17.0",
   "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "You Know, for Search"
 }

But in console its showing something like this

[2022-03-16T11:26:12,307][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP- 
L8UKCFI] received plaintext http traffic on an https channel, closing connection 
Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:5996}


[2022-03-16T11:31:56,806][WARN ] 
[o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-L8UKCFI] http 
client did not trust this server's certificate, closing connection 
Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, 
remoteAddress=/[0:0:0:0:0:0:0:1]:6215}

elasticsearch.yml

> # ======================== Elasticsearch Configuration =========================

NOTE: Elasticsearch comes with reasonable defaults for most settings.

Before you set out to tweak and tune the configuration, make sure you

understand what are you trying to accomplish and the consequences.

The primary way of configuring a node is via this file. This template lists

the most important settings you may want to configure for a production cluster.

Please consult the documentation for further information on configuration options:

https://www.elastic.co/guide/en/elasticsearch/reference/index.html

---------------------------------- Cluster -----------------------------------

Use a descriptive name for your cluster:

#cluster.name: my-application

------------------------------------ Node ------------------------------------

Use a descriptive name for the node:

#node.name: node-1

Add custom attributes to the node:

#node.attr.rack: r1

----------------------------------- Paths ------------------------------------

Path to directory where to store the data (separate multiple locations by comma):

#path.data: /path/to/data

Path to log files:

#path.logs: /path/to/logs

----------------------------------- Memory -----------------------------------

Lock the memory on startup:

#bootstrap.memory_lock: true

Make sure that the heap size is set to about half the memory available

on the system and that the owner of the process is allowed to use this

limit.

Elasticsearch performs poorly when the system is swapping the memory.

---------------------------------- Network -----------------------------------

By default Elasticsearch is only accessible on localhost. Set a different

address here to expose this node on the network:

#network.host: 192.168.0.1

By default Elasticsearch listens for HTTP traffic on the first free port it

finds starting at 9200. Set a specific HTTP port here:

#http.port: 9200

For more information, consult the network module documentation.

--------------------------------- Discovery ----------------------------------

Pass an initial list of hosts to perform discovery when this node is started:

The default list of hosts is ["127.0.0.1", "[::1]"]

#discovery.seed_hosts: ["host1", "host2"]

Bootstrap the cluster using an initial set of master-eligible nodes:

#cluster.initial_master_nodes: ["node-1", "node-2"]

For more information, consult the discovery and cluster formation module documentation.

---------------------------------- Various -----------------------------------

Allow wildcard deletion of indices:

#action.destructive_requires_name: false

#----------------------- BEGIN SECURITY AUTO CONFIGURATION -----------------------

The following settings, TLS certificates, and keys have been automatically

generated to configure Elasticsearch security features on 16-03-2022 06:55:18

--------------------------------------------------------------------------------

Enable security features

xpack.security.enabled: false

xpack.security.enrollment.enabled: false

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

xpack.security.http.ssl: enabled: false keystore.path: certs/http.p12

Enable encryption and mutual authentication between cluster nodes

xpack.security.transport.ssl: enabled: false verification_mode: certificate keystore.path: certs/transport.p12 truststore.path: certs/transport.p12

Create a new cluster with the current node only

Additional nodes can still join the cluster later

cluster.initial_master_nodes: ["DESKTOP-L8UKCFI"]

Allow HTTP API connections from localhost and local networks

Connections are encrypted and require user authentication

http.host: [local, site]

Allow other nodes to join the cluster from localhost and local networks

Connections are encrypted and mutually authenticated

#transport.host: [local, site]

#----------------------- END SECURITY AUTO CONFIGURATION -------------------------

What does it mean someone let me know.

CodePudding user response:

As of ES 8, SSL/TLS is ON by default for HTTP clients.

The WARN message says

http client did not trust this server's certificate

... which means that you need to tell your browser to trust the server certificate. it is self-signed by default, so that's probably the reason.

Or you can simply disable SSL in your elasticsearch.yml configuration, that would also work.

  • Related