Hi
Got an ES cluster with self signed certificates and using Curator to do maintenance. Can anyone either:
Thanks
How are your nodes secured right now? If you’re connecting via SSL with self-signed certificates, how were they generated?
A full discussion of generating and using SSL/TLS certificates is beyond the scope of this topic. You would be well-served to follow the instructions in this guide for securing Elasticsearch client traffic.
If you have xpack.ssl.verification_mode set to full, then Curator will require the CA certificate, as well as its own public and private keys. If you have xpack.ssl.verification_mode set to certificate, then Curator should only need the CA certificate.
Hi Aaron,
Thank you for your reply.
The cluster is using SearchGuard with self issued SSL/TLS certificates. Managed to solve the issue, and route all requests from Curator by our NLB with a valid SSL certificate.
However, for future readers and users of Curator, it might be nice to know how either to disable the urllib3 warnings for the Windows binaries or how to setup Curator with a self issued ca root certificate with a Windows file system.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.