Hi.
I have a 3 node cluster setup with 2 data nodes and 1 master node setup running with tls/ssl/https enabled with the help of Elasticsearch offical documentation.
However I would like to use our internal organisation specific certificates (root ca certificate and sub ca certificate) and I am not having clarity on how to use these certificates in my Elasticsearch and kibana config.
My elasticsearch.yml have the following security on properties on each node. (excluding the node specific properties)
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/Elasticsearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/Elasticsearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: /data/Elasticsearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.http.ssl.truststore.path: /data/Elasticsearch/elasticsearch-7.11.2/config/certs/elastic-certificates.p12
xpack.security.http.ssl.client_authentication: optional
I am not familiar with the security and certificate related concepts,. Went through the official documentation, but did not help much either. if anyone could help me out in this regard it would be great.