Elasticsearch8重置elastic用户密码
elastic可以说是es中预留的一个用户名,在按照官网yum安装方法安装启动后通过下面的方式测试是否正确运行
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic https://localhost:9200
因为安装完成后自动开启了安全访问,所以必须要加 --cacert参数指定安装自动生成的认证文件,协议必须是https,但是结果返回了:
{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/]","header":{"WWW-Authenticate":["Basic realm="security" charset="UTF-8"","Bearer realm="security"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/]","header":{"WWW-Authenticate":["Basic realm="security" charset="UTF-8"","Bearer realm="security"","ApiKey"]}},"status":401}
很纳闷,不知道为啥,既然是无法认证用户elastic,那怀疑是密码错误,接下来就是漫长的修改密码的过程,总结一下,希望有用。
首先在百度了之后,各种curl没有效果,只能官网里找文档,最终得到一个curl
curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X POST "https://localhost:9200/_security/user/elastic/_password?pretty" -H 'Content-Type: application/json' -d '{ "password" : "elastic"}'
这里注意,要加 --cacert参数,因为我们已经开启了安全验证,所以访问要有该参数,其次POST请求路径试了很多没有效果,最终使用官网的得到了解决。
下面是遇到的一些错误
错误一
使用bin目录下的
./elasticsearch-setup-passwords interactive
命令未能成功,报错信息
[elastic@centos8 bin]$ ./elasticsearch-setup-passwords interactive
warning: ignoring JAVA_HOME=/opt/java/jdk1.8.0_311; using bundled JDK
Failed to authenticate user 'elastic' against https://192.168.214.130:9200/_security/_authenticate?pretty
Possible causes include:
* The password for the 'elastic' user has already been changed on this cluster
* Your elasticsearch node is running against a different keystore
This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore
You can use the `elasticsearch-reset-password` CLI tool to reset the password of the 'elastic' user
ERROR: Failed to verify bootstrap password
最终通过bin目录下的
./elasticsearch-reset-password
命令重置了密码文章来源:https://www.toymoban.com/news/detail-527242.html
错误二
[elastic@centos8 bin]$ curl -H "Content-Type:application/json" -XPOST -u test:123456 'https://localhost:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "elastic" }'
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html
curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
这就是访问路径中没有 --cacert参数导致的文章来源地址https://www.toymoban.com/news/detail-527242.html
到了这里,关于Elasticsearch8重置elastic用户密码的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!