[xpack.security.transport.ssl.truststore.password] is a non-secure setting and must be stored inside elasticsearch.yml, but was found inside the Elasticsearch keystore

[live-github]

Elasticsearch Version

8.15.1

Installed Plugins

No response

Java Version

jdk17

OS Version

debian 11

Problem Description

es 8.15.0 can start normally, but an error occurs on 8.15.1

elasticsearch.yml： xpack.security.enabled: true

xpack.security.enrollment.enabled: true

xpack.security.http.ssl: enabled: true verification_mode: certificate keystore.path: certs/http.p12

xpack.security.transport.ssl: enabled: true verification_mode: certificate keystore.path: certs/elastic-certificates.p12 truststore.path: certs/elastic-certificates.p12 client_authentication: required

No configuration xpack.security.transport.ssl.truststore.password

fatal exception while booting Elasticsearchjava.lang.IllegalArgumentException: Setting [xpack.security.transport.ssl.truststore.password] is a non-secure setting and must be stored inside elasticsearch.yml, but was found inside the Elasticsearch keystore at org.elasticsearch.server@8.15.1/org.elasticsearch.common.settings.Setting.innerGetRaw(Setting.java:618) at org.elasticsearch.server@8.15.1/org.elasticsearch.common.settings.Setting.getRaw(Setting.java:604) at org.elasticsearch.server@8.15.1/org.elasticsearch.common.settings.Setting.get(Setting.java:537) at org.elasticsearch.server@8.15.1/org.elasticsearch.common.settings.Setting.get(Setting.java:533) at org.elasticsearch.server@8.15.1/org.elasticsearch.common.settings.AbstractScopedSettings.validate(AbstractScopedSettings.java:603)

See logs for more details.

Steps to Reproduce

ES 8.15.0 upgrade 8.15.1, replace /urs/share/elasticsearch/

Logs (if relevant)

No response

[elasticsearchmachine]

Pinging @elastic/es-security (Team:Security)