Check that you have enabled OpenSSL in
elasticsearch.yml (which is the default)
If you did all the steps above and start your nodes, you should see an entry similar to this in the logfile:
[INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL OpenSSL 1.0.2d 9 Jul 2015 available [INFO ][com.floragunn.searchguard.ssl.SearchGuardKeyStore] Open SSL available ciphers [ECDHE-RSA-AES256-GCM-SHA384,...
If you see one of those two error messages in the logfile, OpenSSL is not available and we fall back to JCE.
- netty-tcnative jar is missing
- make sure you use the netty-tcnative jar matching your platform, either
- OpenSSL is not installed. See above.
- Apache Portable Runtime (APR) is not installed. See above.
- Make sure your /tmp directory is writeable and not mounted with noexec
- If you run inside a docker container AUFS filesystem for /tmp can make trouble
More about netty-tcnative can be found here.