Addition of new elasticsearch nodes and security (SSL / TLS / HTTPS configuration)

I have a question about configuring additional new Elasticsearch nodes (SSL / TLS / HTTPS issue) and adding them to an existing cluster.

Earlier I secured the cluster according to the description:

Is it enough to create an instance yaml file with only new nodes and configure only new nodes?

Do you need to change certificates on existing nodes? (however, this is not required?)

Quick hint?

PS. Elasticsearch >= 7.5.0

I recommend following the actual documentation where it exists, in preference to a blog post that can become out of date, and only describes one of many possible configuration options.

Assuming you kept your CA cert and key in step 2-4 of the blog, you can use those in elasticsearch-certutil to generate additional node certificates, either using a new instances.yml or by passing options on the command line.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.