15

I am using Elastic 7.9.2 version and wanted to use security. so I ran :

bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""

and then added

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p1

in config/elasticsearch.yaml

Now when I am running the ES by

 bin/elasticsearch

getting below error :

"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials
 for REST request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-
8\""}}],"type":"security_exception","reason":"missing authentication credentials for REST 
request [/]","header":{"WWW-Authenticate":"Basic realm=\"security\" charset=\"UTF-
8\""}},"status":401}root@ip-localhost:/var/log/elasticsearch

Can anyone please help!

Tech Geek
  • 437
  • 1
  • 4
  • 19
  • 1
    Did you follow all the steps from the [documentation](https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-security.html), including creating the password for the built-in users? Also, what is in the elasticsearch log? The error you pasted is from a failed request. How did you made the request? – leandrojmp Oct 29 '20 at 23:39

6 Answers6

14

Just pass authentication credential with url like below

curl -X GET "http://localhost:9200" -u elastic:pass123
Sheikh Wasiu Al Hasib
  • 450
  • 5
  • 18
2

I had security already enabled and user authentication working. Kibana loaded fine.

I have a 3 node cluster and stopped elasticsearch service on each node so I could add transport ssl. After enabling xpack.security.transport.ssl.enabled and keystore and truststore settings, I got the same ""missing authentication credentials for REST request" error in Kibana. Turns out the error was because I only had one node running and needed a minimum of two. After enabling transport ssl on another node and starting it, kibana worked again.

Philip Holly
  • 713
  • 7
  • 18
0

If you enable security for your cluster you & still got some error with AUTH yours clients, documentation wrote, what you need enable ssl for client optional OR required. Please, read the original topic: https://discuss.elastic.co/t/missing-authentication-for-rest-request/154807/13

Boris Gelfandbein
  • 11
  • 2
0

You need to pass the credentials with your request with -u username:password

Srinivas Rayudu
  • 1
0
GET https://localhost:9200
Authorization: Basic elastic:{your user password}
Royer Adames
  • 868
  • 9
  • 13
  • See "[Explaining entirely code-based answers](https://meta.stackoverflow.com/q/392712/128421)". While this might be technically correct, it doesn't explain why it solves the problem or should be the selected answer. We should educate along with helping solve the problem. – the Tin Man Mar 22 '22 at 04:47
  • While this link may answer the question, it is better to include the essential parts of the answer here and provide the link for reference. Link-only answers can become invalid if the linked page changes. - [From Review](/review/low-quality-posts/31279494) – Francisco Puga Mar 24 '22 at 09:58
  • @FranciscoPuga Please pay attention when reviewing. This is not a link-only answer. – Mark Rotteveel Mar 24 '22 at 12:14
0

To add the credentials to curl, you need to know them. The root user is elastic, the passwords can be reset using

bin/elasticsearch-setup-passwords  auto

Then, you can use

curl -X GET "http://localhost:9200" -u elastic:password_from_console

as written above (go upvote).

serv-inc
  • 35,772
  • 9
  • 166
  • 188