I am trying to configure OIDC according to documentation. According to instructions, I have to store xpack.security.authc.realms.oidc.oidc1.rp.client_secret
into keystore.
bin/elasticsearch-keystore add xpack.security.authc.realms.oidc.oidc1.rp.client_secret
This works fine, except, when I restart my elasticsearch I will lost my secret stored in keystore.
I google little bit, and find this issue. According to solution, which was already merged, I should be able to add values to keystore via ELASTICSEARCH_KEYS
variable. I tested it on elastic 7.8.1
, 7.9.1
and 7.9.2
, none of them works properly. Env variable ELASTICSEARCH_KEYS
is present with right values.
Right now, I am running Elasticsearch 7.8.1
in Kubernetes, and my tests I performed locally runs in docker.
How can I settle up OIDC right now, what are my options?
Why ELASTICSEARCH_KEYS
variable does not work? From comments, they fixed it for versions 7.X
.
Thank you.