Elastic TLS: "xpack.security.http.ssl.enabled: true" vs proxy


Elastic 7.11.1

Planning on configuring TLS for elasticsearch port 9200
I was wondering, is there a difference, whether I configure TLS with:

  • elasticsearch.yml: xpack.security.http.ssl.enabled: true
  • or via apache/nginx proxy (http:9200 -> https:443)

Is there any downsides when doing it via proxy or vice versa..?

My goal would be that the authentication passwords and all the http requests must be encrypted <-- In my opinion this can be achieved via proxy also.



This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.