Closed
Description
Elasticsearch should refuse to start if a secure setting is defined in elasticsearch.yml, in order to protect users from accidentally putting their secrets in a place where they are unexpectedly visible. However, settings in the keystore apparently quietly override those in elasticsearch.yml, which means that if you put a secure setting in both places then Elasticsearch will use the one from the keystore and will totally ignore the one in elasticsearch.yml instead of refusing to start.