Illegal parameter in http or transport request found

Hello,

I am trying to setup the certificates for my cluster, I followed the instructions at https://aws.amazon.com/blogs/opensource/add-ssl-certificates-open-distro-for-elasticsearch/ to create the certificates.

My master node loads, when i start my second node I get the following error message in the logs of my master node.

[2019-08-03T15:06:27,739][ERROR][c.a.o.s.t.OpenDistroSecurityRequestHandler] [es01] ElasticsearchException[Illegal parameter in http or transport request found.
This means that one node is trying to connect to another with
a non-node certificate (no OID or security.nodes_dn incorrect configured) or that someone
is spoofing requests. Check your TLS certificate setup as described here: See https://opendistro.github.io/for-elasticsearch-docs/docs/troubleshoot/tls/]

I checked out the page the error makes reference to and search the forum but now I’m stumped can get this to work :frowning:

I’ve also tried several syntax for the security.nodes_dn configuration with no success.

Any ideas on how to configure this?

Ok figured it out…

Started over from scratch and I followed the instructions on this page : https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/generate-certificates/#generate-an-admin-certificate

The problem was caused by my “opendistro_security.nodes_dn” configuration the documentation at (https://aws.amazon.com/blogs/opensource/add-ssl-certificates-open-distro-for-elasticsearch/) has the following example :

CN=node2.example.com,OU=SSL,O=Example Corp,L=London,C=GB

The OU=SSL was not valid in my case, I just removed it (since I did not put any while creating the certificate) and the nodes came up.

Hope this help :slight_smile: