Planning on configuring TLS for elasticsearch port 9200
I was wondering, is there a difference, whether I configure TLS with:
- elasticsearch.yml: xpack.security.http.ssl.enabled: true
- or via apache/nginx proxy (http:9200 -> https:443)
Is there any downsides when doing it via proxy or vice versa..?
My goal would be that the authentication passwords and all the http requests must be encrypted <-- In my opinion this can be achieved via proxy also.