Issue Overview

Users encounter an error during Elasticsearch installation with the message: "invalid configuration for xpack.security.transport.ssl."

This error persists even when Xpack security is fully disabled in the elasticsearch.yml configuration file.

Error Details

1. Error Message: "invalid configuration for xpack.security.transport.ssl"
2. Logs:

• Global Search logs report a "Connection closed" error.
• Elasticsearch logs display the "invalid configuration for xpack.security.transport.ssl" message, even though Xpack security is disabled in the elasticsearch.yml configuration file.

Environment and Software Prerequisites

1. TeamConnect Version: 7.1
2. Operating System: The issue is reproducible in a Linux OS environment.
3. Elasticsearch Version: 8.6.2 (Download Link: Elasticsearch 8.6.2)
4. Documentation Reference: The existing installation documentation is available at Elasticsearch Setup for TeamConnect 7.1.

Troubleshooting

Following the below troubleshooting steps:

1. A fresh installation of Elasticsearch was performed to eliminate any installation-specific issues.
2. Multiple ports were tested to identify potential conflicts.
3. Elasticsearch was successfully installed on the user's local machine; however, the issue persisted in the Linux environment.
4. Xpack security was verified to be disabled in the elasticsearch.yml file, but the error still occurred.

Possible Causes

1. There may be a misconfiguration in the elasticsearch.yml file, preventing SSL-related settings in Xpack from being fully disabled.
2. In Elasticsearch version 8.6.2, some keystore properties might be pre-populated by default as part of the distribution, potentially causing conflicts.
   Reference: Elastic Forum - "Invalid configuration for xpack.security.transport.ssl"

Next Steps

Step 1: Review the elasticsearch.yml file for misconfiguration. Although the issue persists on Linux systems, ensure the following settings are in place:

# Disable xpack.security
xpack.security.enabled: false
 
# HTTP SSL (disabled)
# xpack.security.http.ssl.enabled: true
 
# Transport SSL (disabled)
# xpack.security.transport.ssl.enabled: true

Step 2: For Elasticsearch version 8.6.2, remove pre-populated keystore properties that might be causing conflicts:

• Use the elasticsearch-keystore command to remove conflicting properties:

bin/elasticsearch-keystore remove <property-name>

• Restart Elasticsearch to ensure the changes take effect and the keystore cache is cleared. Verify the changes by running:

bin/elasticsearch-keystore list

For production systems, ensure the necessary user permissions before executing commands:

1. Change ownership of the Elasticsearch folder:

sudo chown -R elasticsearch:elasticsearch .

2. List keystore properties:

sudo -u elasticsearch ./elasticsearch-keystore list

Example output:

keystore.seed
xpack.security.http.ssl.keystore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password

3. Remove each property:

sudo -u elasticsearch ./elasticsearch-keystore remove xpack.security.http.ssl.keystore.secure_password
sudo -u elasticsearch ./elasticsearch-keystore remove xpack.security.transport.ssl.keystore.secure_password
sudo -u elasticsearch ./elasticsearch-keystore remove xpack.security.transport.ssl.truststore.secure_password
sudo -u elasticsearch ./elasticsearch-keystore remove keystore.seed

Step 3: After removing the keystore properties, ensure that xpack.security.enabled: false is explicitly set in the elasticsearch.yml file, and restart Elasticsearch.

Conclusion

Following Step 2 and Step 3, the issue should be successfully resolved.