본문 바로가기
Infra/검색엔진

ES 설치확인

by 골든크랩 2023. 10. 31.
728x90
반응형

실행확인

 

elasticsearch@5f61a9282584:/usr/share$ curl --cacert /usr/share/elasticsearch/config/certs/http_ca.crt -u elastic https://localhost:9200

 

응답이 아래와 같음....정상적이지 않다.
Enter host password for user 'elastic':
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number

 

 

아래 참고글을 읽으며 ES랑 Kibana 서버에서 실행한 결과는 동일했다.

elasticsearch@5f61a9282584:/usr/share$ openssl ciphers -v | awk '{print $2}' | sort | uniq
SSLv3
TLSv1
TLSv1.2
TLSv1.3

 

elasticsearch@5f61a9282584:/usr/share$ openssl ciphers -v | awk '{print $2, $1}' | sort -u
SSLv3 AES128-SHA
SSLv3 AES256-SHA
SSLv3 DHE-PSK-AES128-CBC-SHA
SSLv3 DHE-PSK-AES256-CBC-SHA
SSLv3 DHE-RSA-AES128-SHA
SSLv3 DHE-RSA-AES256-SHA
SSLv3 PSK-AES128-CBC-SHA
SSLv3 PSK-AES256-CBC-SHA
SSLv3 RSA-PSK-AES128-CBC-SHA
SSLv3 RSA-PSK-AES256-CBC-SHA
SSLv3 SRP-AES-128-CBC-SHA
SSLv3 SRP-AES-256-CBC-SHA
SSLv3 SRP-RSA-AES-128-CBC-SHA
SSLv3 SRP-RSA-AES-256-CBC-SHA
TLSv1 DHE-PSK-AES128-CBC-SHA256
TLSv1 DHE-PSK-AES256-CBC-SHA384
TLSv1 ECDHE-ECDSA-AES128-SHA
TLSv1 ECDHE-ECDSA-AES256-SHA
TLSv1 ECDHE-PSK-AES128-CBC-SHA
TLSv1 ECDHE-PSK-AES128-CBC-SHA256
TLSv1 ECDHE-PSK-AES256-CBC-SHA
TLSv1 ECDHE-PSK-AES256-CBC-SHA384
TLSv1 ECDHE-RSA-AES128-SHA
TLSv1 ECDHE-RSA-AES256-SHA
TLSv1 PSK-AES128-CBC-SHA256
TLSv1 PSK-AES256-CBC-SHA384
TLSv1 RSA-PSK-AES128-CBC-SHA256
TLSv1 RSA-PSK-AES256-CBC-SHA384
TLSv1.2 AES128-GCM-SHA256
TLSv1.2 AES128-SHA256
TLSv1.2 AES256-GCM-SHA384
TLSv1.2 AES256-SHA256
TLSv1.2 DHE-PSK-AES128-GCM-SHA256
TLSv1.2 DHE-PSK-AES256-GCM-SHA384
TLSv1.2 DHE-PSK-CHACHA20-POLY1305
TLSv1.2 DHE-RSA-AES128-GCM-SHA256
TLSv1.2 DHE-RSA-AES128-SHA256
TLSv1.2 DHE-RSA-AES256-GCM-SHA384
TLSv1.2 DHE-RSA-AES256-SHA256
TLSv1.2 DHE-RSA-CHACHA20-POLY1305
TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256
TLSv1.2 ECDHE-ECDSA-AES128-SHA256
TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384
TLSv1.2 ECDHE-ECDSA-AES256-SHA384
TLSv1.2 ECDHE-ECDSA-CHACHA20-POLY1305
TLSv1.2 ECDHE-PSK-CHACHA20-POLY1305
TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
TLSv1.2 ECDHE-RSA-AES128-SHA256
TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
TLSv1.2 ECDHE-RSA-AES256-SHA384
TLSv1.2 ECDHE-RSA-CHACHA20-POLY1305
TLSv1.2 PSK-AES128-GCM-SHA256
TLSv1.2 PSK-AES256-GCM-SHA384
TLSv1.2 PSK-CHACHA20-POLY1305
TLSv1.2 RSA-PSK-AES128-GCM-SHA256
TLSv1.2 RSA-PSK-AES256-GCM-SHA384
TLSv1.2 RSA-PSK-CHACHA20-POLY1305
TLSv1.3 TLS_AES_128_GCM_SHA256
TLSv1.3 TLS_AES_256_GCM_SHA384
TLSv1.3 TLS_CHACHA20_POLY1305_SHA256

 

 

 

elasticsearch@5f61a9282584:/$  openssl version
OpenSSL 1.1.1f  31 Mar 2020

 

 

 

elasticsearch@5f61a9282584:/$ curl --cacert /usr/share/elasticsearch/config/certs/http_ca.crt -u elastic https://localhost:9200/_cluster/health
Enter host password for user 'elastic':
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
elasticsearch@5f61a9282584:/$

 

 

 

참고)

https://caingwiz.tistory.com/58

 

[ Apache-Error ] SSL3_GET_RECORD:wrong version number(OpenSSL)

2020년 브라우저 vendor사 TLS Protocol 규제에 따른 사이드 이펙트로 인한 특정 서버들의 OS버전업/JDK버전업/OpenSSL프로토콜 버전업이 이루어졌다. 이로 인한 여러 오류들을 확인 할 수 있었으며, WEB영

caingwiz.tistory.com

 

728x90
반응형
저작자표시 비영리

'Infra > 검색엔진' 카테고리의 다른 글

용어 정리  (0) 2023.10.31
EL 구조  (0) 2023.10.27
EL 에서 데이터 입력/조회/삭제/업데이트 테스트  (0) 2023.10.27
EL과 RDB 비교  (0) 2023.10.27
kibana 설치하기 (8.7.0)  (0) 2023.08.30

관련글

댓글

티스토리툴바