From 825d522d5ce7f6e193ee6eb50b89d699ba3bf46d Mon Sep 17 00:00:00 2001
From: Your Name <youremail@example.com>
Date: Fri, 7 Nov 2025 05:19:25 -0600
Subject: [PATCH] Store bootstrap password only in keystore

---
 start.sh | 20 +-------------------
 1 file changed, 1 insertion(+), 19 deletions(-)

diff --git a/start.sh b/start.sh
index ebce891..16769a1 100644
--- a/start.sh
+++ b/start.sh
@@ -111,24 +111,6 @@ configure_elasticsearch() {
     chmod 755 $ES_PATH_CONF
     chown -R elasticsearch:elasticsearch $ES_PATH_CONF
     
-    # Add bootstrap password to keystore
-    echo "Setting bootstrap password..."
-    
-    # Verify keystore exists before trying to add password
-    if [ ! -f $ES_PATH_CONF/elasticsearch.keystore ]; then
-        echo "ERROR: Keystore not found, cannot add bootstrap password. Creating keystore first..."
-        setup_keystore || {
-            echo "CRITICAL ERROR: Failed to create keystore, cannot proceed."
-            exit 1
-        }
-    fi
-    
-    # Now add the bootstrap password
-    if ! printf "%s" "$ELASTIC_PASSWORD" | su -c "ES_PATH_CONF=$ES_PATH_CONF ES_JAVA_HOME=/app/data/jdk $ES_HOME/bin/elasticsearch-keystore add -f -x 'bootstrap.password' --stdin" elasticsearch; then
-        echo "ERROR: Failed to add bootstrap password to keystore."
-        exit 1
-    fi
-    
     # Copy configuration files if needed
     if [ ! -f $ES_PATH_CONF/elasticsearch.yml ]; then
         echo "Setting up configuration files..."
@@ -422,7 +404,7 @@ start_elasticsearch() {
     
     # Command to start Elasticsearch
     ES_START_CMD="ES_PATH_CONF=$ES_PATH_CONF ES_JAVA_HOME=/app/data/jdk $ES_HOME/bin/elasticsearch"
-    ES_START_CMD="$ES_START_CMD -E xpack.security.enabled=true -E bootstrap.password=$ELASTIC_PASSWORD"
+    ES_START_CMD="$ES_START_CMD -E xpack.security.enabled=true"
     # Add explicit settings for transport SSL
     ES_START_CMD="$ES_START_CMD -E xpack.security.transport.ssl.enabled=true"
     ES_START_CMD="$ES_START_CMD -E xpack.security.transport.ssl.verification_mode=certificate"