Elasticsearch keystore reloadable settings

Dheeraj_Lalwani · June 7, 2022, 9:11am

Hello
we are using Elasticsearch 7.16.3 with ssl enabled.
We have stored following settings in the Elasticsearch-keystore for that-

xpack.security.http.ssl.keystore.secure_password
xpack.security.http.ssl.truststore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password

Whenever certificate password is changed then Elasticsearch-keystore still contains old password.
I have tried with reloadable Elasticsearch security settings but it didn't work.

Please confirm, if there is a way to reload above security settings.

Many Thanks In Advance!!
Regards
Dheeraj

Yang_Wang · June 7, 2022, 10:11am

They are not reloadable. You have to restart the node for any changes to the secure_password.

Dheeraj_Lalwani · June 7, 2022, 11:35am

Thanks a lot for the quick answer. Even restart doesn't refresh Elasticsearch-keystore.

Yang_Wang · June 7, 2022, 12:06pm

What do you mean by this? You need update the passwords stored in the keystore before they can be picked up by node restart.

Dheeraj_Lalwani · June 7, 2022, 1:23pm

I thought password will be updated automatically. Thanks a lot for your inputs.

system · July 5, 2022, 1:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.