I asked this question on slack but no reply yet so asking here:
is there anything wrong with these ssl options, it doesn’t seem to be working, it always show 1 year certificate while accessing 9200 port
this is the operator’s ps output, i re-created elasticsearch quickstart but cert is still 1 year, anything I am doing wrong?
./elastic-operator manager --operator-roles all --log-verbosity=1 --cert-validity=15m --cert-rotate-before=5m
Thanks for bringing this up -- I could reproduce it and raised an issue here to fix it: https://github.com/elastic/cloud-on-k8s/issues/2540
In the meantime if you set the CA rotation parameters, that will also affect the certificates issued from the CA.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.