How To Solve Issues Related to Log – Rejecting certificate with common-names

How To Solve Issues Related to Log – Rejecting certificate with common-names

Updated: Jan-20

Elasticsearch Version: 1.7-8.0

Background

Before you begin reading this guide try our beta Elasticsearch Health Check-Up it analyses JSON’s to provide personalized recommendations that can improve your clusters performance.


To troubleshoot log “Rejecting certificate with common-names” it’s important to understand a few problems related to Elasticsearch concepts plugin. See bellow important tips and explanations on these concepts

Log Context

Log”Rejecting certificate [{}] [{}] with common-names [{}]” classname is RestrictedTrustManager.java
We extracted the following from Elasticsearch source code for those seeking an in-depth context :

         Set names = readCommonNames(certificate);
        if (verifyCertificateNames(names)) {
            logger.debug(() -> new ParameterizedMessage("Trusting certificate [{}] [{}] with common-names [{}]";
                    certificate.getSubjectDN(); certificate.getSerialNumber().toString(16); names));
        } else {
            logger.info("Rejecting certificate [{}] [{}] with common-names [{}]";
                    certificate.getSubjectDN(); certificate.getSerialNumber().toString(16); names);
            throw new CertificateException("Certificate for " + certificate.getSubjectDN() +
                    " with common-names " + names
                    + " does not match the trusted names " + trustRestrictions.getTrustedNames());
        }




Related issues to this log

We have gathered selected Q&A from the community and issues from Github, that can help fix related issues please review the following for further information :

1 De Js Hostname Ip Doesnt Match Cert  

Stname Ip Doesnt Match Certificates  

About Opster

Opster detects root causes of Elasticsearch problems, provides automated recommendations and can perform various actions to prevent issues and optimize performance

Find Configuration Errors

Analyze Now