Adding xpack.security.http.ssl.truststore.secure_password in the keystore

Hi

Wanted to know if elasticsearch-keystore add is the only way to add xpack.security.http.ssl.truststore.secure_password into the keystore?

Currently my keystore is generated using openssl and not generated using elasticsearch-keystore create

Any help is appreciated

Hi,

elasticsearch-keystore add is the only way to deal with the elasticsearch keystore.

I think you are confusing the elasticsearch keystore which is the keystore elasticsearch uses for its secure settings. You can't create this with other tools.

I think you mean the keystores that you use for TLS i.e. xpack.security.http.ssl.truststore and xpack.security.http.ssl.keystore

How does elasticsearch know where to find the keystore that stores the secure_passwords?
How do i specify the path for this?

The keystore is picked up from $ES_PATH_CONF which defaults to $ES_HOME/config. To be clear, you cannot just point that to an external ( JKS, P12, etc. ) keystore of your own. This is an internal implementation of elasticsearch.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.