Hi everyone,
Please I need your help with the following:
I have an Elasticsearch cluster (3 nodes) in version 7.14 configured and working, as it is in a productive environment, the following safeguards were implemented
- Minimal security (creating passwords for built-in users)
- Basic security (encrypt internode comunications with TLS) in this step the elastic-stack-ca.p12 and elastic-certificates.p12 digital certificates were created.
- Encrypt HTTP client communications for Elasticsearch, in this step, the digital certificates http.p12 (one for each node) and Elasticsearch-ca.pem (to encrypt the traffic between Kibana and the Elasticsearch cluster) were generated.
The client of my cluster will be Grafana 8.2, the limitation of this tool is that it cannot connect to a cluster or several Elasticsearch hosts, so in my architecture I need to add a load balancer (F5) to use the IP of this component as an intermediary between Grafana and the Elasticsearch cluster.
Here my question. When configuring the F5 Virtual Server it asks me for a single certificate and a key to connect/balance the 3 Elasticsearch nodes, which of the certificates mentioned above should I configure in the F5 Virtual Server so that it can communicate with my Elasticsearch cluster?