Configuration of elastic search using organisation specific certificates

Hi.
I have a 3 node cluster setup with 2 data nodes and 1 master node setup running with tls/ssl/https enabled with the help of elastic search offical documentation.
However I would like to use our internal organisation specific certificates (root ca certificate and sub ca certificate) and I am not having clarity on how to use these certificates in my elastic search and kibana config.

My elasticsearch.yml have the following security on properties on each node. (excluding the node specific properties)

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/ElasticSearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/ElasticSearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12

xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /data/ElasticSearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /data/ElasticSearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.http.ssl.client_authentication: optional

I am not familiar with the security and certificate related concepts,. Went through the official documentation, but did not help much either. if anyone could help me out in this regard it would be great.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.