Hi elastic engineers,
Is there a way to create/generate/rename and use distinguished elasticsearch keystore file name instead of default name elasticsearch.keystore ?
I'm running multiple elasticsearch clusters (v.7.9/X-Pack enabled on RHEL) and generated/created distinguished password-protected certificate file names per cluster like elastic-certificates-dev.p12 (node cert), http-dev.p12 (node cert), http-dev.crt (rest client cert) for the dev cluster,
elastic-certificates-qa.p12, http-qa.p12, http-qa.crt for the qa cluster, etc. for the xat and prod clusters.
I distinguished certs file names for different clusters by appending the cluster name to the default names of the certificates to easy their maintainability.
The elasticsearh.yml matches and recognise those distinguished certificate file names.
I generate keystore file as 'elasticsearch-keystore create -p'
These setups and configurations work well with the default name of elasticserch.keystore, which keeps certificates' passwords.
The inconvenience is I need to maintain multiple elasticserch.keystore with the same name but with different content/passwords related to certificates being used in different environments - dev, qa, xat, prod.
Having the ability to generate and use keystore files with distinguished names like elasticserch-dev.keystore, elasticserch-qa.keystore, elasticserch-xat.keystore, etc. would simplify the maintainability and provide more flexibility as it is for the certificate file names.
Thanks in advance