使用了search-guard-5后，ES-head和cerebro-0.6.6 都无法通过认证了？

search guard 可以配置账号密码通过（非严格验证），ES-head我没用过，不清楚（不过非严重验证的时候，通过http也是可以访问集群的）；cerebro在配置文件中有添加账号密码的配置。我们用的是cerebro0.8.1，不过我想都差不多吧。
 
https://docs.search-guard.com/ ... guard
这里是search guard官网关于cerebro的配置示例。

报错日志信息[2017-10-11T15:33:07,962][ERROR][c.f.s.h.SearchGuardHttpServerTransport] [es_node1_172.18.238.3] SSL Problem Received fatal alert: bad_certificate
javax.net.ssl.SSLException: Received fatal alert: bad_certificate
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1800) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1083) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907) ~[?:?]
        at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781) ~[?:?]
        at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) ~[?:1.8.0_131]
        at io.netty.handler.ssl.SslHandler$SslEngineType$3.unwrap(SslHandler.java:254) ~[netty-handler-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1156) ~[netty-handler-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1078) ~[netty-handler-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:489) ~[netty-codec-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:428) ~[netty-codec-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:265) ~[netty-codec-4.1.11.Final.jar:4.1.11.Final]
        at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:362) [netty-transport-4.1.11.F

同样遇到此问题，没有大神来助？

在 elasticsearch.yml 配置以下内容：
http.cors.enabled: true 
http.cors.allow-origin: "*" 
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type 
http.cors.allow-credentials: true 
使用下面格式登陆head
http://localhost:9100/%3Fauth_ ... admin
要检查head插件发送的请求，看看当前账号是否权限不足,如果跟我的情况一样，就换admin账号