Elasticsearch 在加密通道上收到明文流量,关闭连接 Netty4TcpChannel

【问题标题】:Elasticsearch Received plaintext traffic on an encrypted channel, closing connection Netty4TcpChannelElasticsearch 在加密通道上收到明文流量,关闭连接 Netty4TcpChannel
【发布时间】:2022-07-16 17:04:29
【问题描述】:

我刚刚下载了 elasticsearch 并运行了 elasticsearch.bat。 所以我没有修改任何东西,但是当我尝试访问 localhost:9200 或 9300 时不起作用。

根据日志,它开始正常。

[2022-03-14T16:42:47,633][INFO ][o.e.i.r.RecoverySettings ] [DESKTOP-3DPA0JQ] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
[2022-03-14T16:42:47,664][INFO ][o.e.d.DiscoveryModule    ] [DESKTOP-3DPA0JQ] using discovery type [multi-node] and seed hosts providers [settings]
[2022-03-14T16:42:48,507][INFO ][o.e.n.Node               ] [DESKTOP-3DPA0JQ] initialized
[2022-03-14T16:42:48,508][INFO ][o.e.n.Node               ] [DESKTOP-3DPA0JQ] starting ...
[2022-03-14T16:42:48,564][INFO ][o.e.x.s.c.f.PersistentCache] [DESKTOP-3DPA0JQ] persistent cache index loaded
[2022-03-14T16:42:48,565][INFO ][o.e.x.d.l.DeprecationIndexingComponent] [DESKTOP-3DPA0JQ] deprecation component started
[2022-03-14T16:42:48,692][INFO ][o.e.t.TransportService   ] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9300}, bound_addresses {127.0.0.1:9300}, {[::1]:9300}
[2022-03-14T16:42:49,065][INFO ][o.e.c.c.Coordinator      ] [DESKTOP-3DPA0JQ] cluster UUID [M7j_3np8QtCiMDZ8hLGu6w]
[2022-03-14T16:42:49,157][INFO ][o.e.c.s.MasterService    ] [DESKTOP-3DPA0JQ] elected-as-master ([1] nodes joined)[{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw} completing election, _BECOME_MASTER_TASK_, _FINISH_ELECTION_], term: 10, version: 142, delta: master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}
[2022-03-14T16:42:49,269][INFO ][o.e.c.s.ClusterApplierService] [DESKTOP-3DPA0JQ] master node changed {previous [], current [{DESKTOP-3DPA0JQ}{n3yQhC4cQveWn_x7QrQPYQ}{QSgY7a2zQDWZClJOW_2yEg}{127.0.0.1}{127.0.0.1:9300}{cdfhilmrstw}]}, term: 10, version: 142, reason: Publication{term=10, version=142}
[2022-03-14T16:42:49,326][INFO ][o.e.h.AbstractHttpServerTransport] [DESKTOP-3DPA0JQ] publish_address {127.0.0.1:9200}, bound_addresses {127.0.0.1:9200}, {[::1]:9200}
[2022-03-14T16:42:49,327][INFO ][o.e.n.Node               ] [DESKTOP-3DPA0JQ] started
[2022-03-14T16:42:49,379][INFO ][o.e.l.LicenseService     ] [DESKTOP-3DPA0JQ] license [f997c03d-7240-4ecf-be38-65f043eea771] mode [basic] - valid
[2022-03-14T16:42:49,380][INFO ][o.e.x.s.a.Realms         ] [DESKTOP-3DPA0JQ] license mode is [basic], currently licensed security realms are [reserved/reserved,file/default_file,native/default_native]
[2022-03-14T16:42:49,386][INFO ][o.e.g.GatewayService     ] [DESKTOP-3DPA0JQ] recovered [2] indices into cluster_state
[2022-03-14T16:42:49,880][INFO ][o.e.c.r.a.AllocationService] [DESKTOP-3DPA0JQ] current.health="GREEN" message="Cluster health status changed from [RED] to [GREEN] (reason: [shards started [[.geoip_databases][0], [.security-7][0]]])." previous.health="RED" reason="shards started [[.geoip_databases][0], [.security-7][0]]"
[2022-03-14T16:42:50,142][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-Country.mmdb]
[2022-03-14T16:42:50,155][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-ASN.mmdb]
[2022-03-14T16:42:51,002][INFO ][o.e.i.g.DatabaseNodeService] [DESKTOP-3DPA0JQ] successfully loaded geoip database file [GeoLite2-City.mmdb]
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64318}
[2022-03-14T16:42:54,067][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64319}
[2022-03-14T16:42:54,068][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64320}
[2022-03-14T16:42:55,104][WARN ][o.e.x.s.t.n.SecurityNetty4HttpServerTransport] [DESKTOP-3DPA0JQ] received plaintext http traffic on an https channel, closing connection Netty4HttpChannel{localAddress=/[0:0:0:0:0:0:0:1]:9200, remoteAddress=/[0:0:0:0:0:0:0:1]:64321}

【问题讨论】:

  • 在最新版本 (ES8) 中,安全性默认开启(即 SSL/TLS)。你如何尝试访问 ES?
  • 直接在浏览器上localhost:9200
  • 好的,试试https://localhost:9200
  • @Val 我在使用localhost:9200 时收到此消息(此页面无法正常工作)。当我使用localhost:9200 时,我收到了这条消息(您的连接不是私人的)

标签: elasticsearch


【解决方案1】:

在最新版本 (ES8) 中,默认情况下启用安全性(即 SSL/TLS)。

如果您从浏览器访问,只需使用https 而不是http

https://localhost:9200
    ^
    |
 add this

【讨论】:

    【解决方案2】:

    xpack.security.enabled: 假

    xpack.security.enrollment.enabled: 假

    pack.security.http.ssl: 启用:假 keystore.path: certs/http.p12

    xpack.security.transport.ssl: 启用:假 验证模式:证书 keystore.path:证书/transport.p12 truststore.path: certs/transport.p12

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 2022-06-11
      • 1970-01-01
      • 2021-11-13
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 2019-08-20
      • 1970-01-01
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode