Hi,
I'm desperately trying to enable TLS on my cluster (I want the node to use TLS for transport communication, for API access, and https for kibana).
My cluster is composed of 9 nodes, but may evolve in the future so I would like to have a wildcard certificate to use the same key/cert on every (future) member of the cluster.
I created DNS aliases for every member of my cluster as so:
nodename.mycluster.mycompany
Some examples:
master1.mycluster.mycompany
data2.mycluster.mycompany
...
Again, the idea is to allow my cluster to evolve without having to ask for new certificates every time.
In "short"...I want to have ONE certificate for *.myscluster.mycompany
I cannot use a wildcard based on the hostname since every servers use the same naming convention and using a wildcard at this level would allow far too many machine to use the cert/key.
In the documentation, I didn't find anything about it, and I tried different arguments for "certgen -csr"...but in the end it never worked.
What arguments should I use to get a proper certificate?
Thanks in advance!