Elasticsearch8重置elastic用户密码

Elasticsearch8重置elastic用户密码elastic可以说是es中预留的一个用户名，在按照官网yum安装方法安装启动后通过下面的方式测试是否正确运行curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastichttps://localhost:9200因为安装完成后自动开启了安全访问，所以必须要加 --cacert参数指

小白努力变小黑

20115人浏览 · 2022-02-22 17:40:44

小白努力变小黑 · 2022-02-22 17:40:44 发布

Elasticsearch8重置elastic用户密码

elastic可以说是es中预留的一个用户名，在按照官网yum安装方法安装启动后通过下面的方式测试是否正确运行

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic  https://localhost:9200

因为安装完成后自动开启了安全访问，所以必须要加 --cacert参数指定安装自动生成的认证文件，协议必须是https，但是结果返回了：

{"error":{"root_cause":[{"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"unable to authenticate user [elastic] for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}

很纳闷，不知道为啥，既然是无法认证用户elastic，那怀疑是密码错误，接下来就是漫长的修改密码的过程，总结一下，希望有用。

首先在百度了之后，各种curl没有效果，只能官网里找文档，最终得到一个curl
https://www.elastic.co/guide/en/elasticsearch/reference/7.11/security-api-change-password.html

curl --cacert /etc/elasticsearch/certs/http_ca.crt -u elastic -X POST "https://localhost:9200/_security/user/elastic/_password?pretty" -H 'Content-Type: application/json' -d '{ "password" : "elastic"}'

这里注意，要加 --cacert参数，因为我们已经开启了安全验证，所以访问要有该参数，其次POST请求路径试了很多没有效果，最终使用官网的得到了解决。

下面是遇到的一些错误

错误一

使用bin目录下的

./elasticsearch-setup-passwords interactive

命令未能成功，报错信息

[elastic@centos8 bin]$ ./elasticsearch-setup-passwords interactive
warning: ignoring JAVA_HOME=/opt/java/jdk1.8.0_311; using bundled JDK

Failed to authenticate user 'elastic' against https://192.168.214.130:9200/_security/_authenticate?pretty
Possible causes include:
 * The password for the 'elastic' user has already been changed on this cluster
 * Your elasticsearch node is running against a different keystore
   This tool used the keystore at /etc/elasticsearch/elasticsearch.keystore

You can use the `elasticsearch-reset-password` CLI tool to reset the password of the 'elastic' user


ERROR: Failed to verify bootstrap password

最终通过bin目录下的

./elasticsearch-reset-password

命令重置了密码

错误二

[elastic@centos8 bin]$ curl -H "Content-Type:application/json" -XPOST -u test:123456 'https://localhost:9200/_xpack/security/user/elastic/_password' -d '{ "password" : "elastic" }'
curl: (60) SSL certificate problem: self signed certificate in certificate chain
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.