Elasticsearch keystore reloadable settings

Dheeraj_Lalwani · June 7, 2022, 9:11am

Hello
we are using Elasticsearch 7.16.3 with ssl enabled.
We have stored following settings in the Elasticsearch-keystore for that-

xpack.security.http.ssl.keystore.secure_password
xpack.security.http.ssl.truststore.secure_password
xpack.security.transport.ssl.keystore.secure_password
xpack.security.transport.ssl.truststore.secure_password

Whenever certificate password is changed then Elasticsearch-keystore still contains old password.
I have tried with reloadable Elasticsearch security settings but it didn't work.

Please confirm, if there is a way to reload above security settings.

Many Thanks In Advance!!
Regards
Dheeraj

Yang_Wang · June 7, 2022, 10:11am

They are not reloadable. You have to restart the node for any changes to the secure_password.

Dheeraj_Lalwani · June 7, 2022, 11:35am

Thanks a lot for the quick answer. Even restart doesn't refresh Elasticsearch-keystore.

Yang_Wang · June 7, 2022, 12:06pm

What do you mean by this? You need update the passwords stored in the keystore before they can be picked up by node restart.

Dheeraj_Lalwani · June 7, 2022, 1:23pm

I thought password will be updated automatically. Thanks a lot for your inputs.

system · July 5, 2022, 1:24pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Doubts for SSL certs renew on ELK stack v8 Elasticsearch elastic-stack-security	4	564	April 26, 2022
ES 6.3, alternative to reload_secure_settings Elasticsearch	2	720	December 14, 2018
Elasticsearch S3 repository creation - Reload secure settings Elasticsearch	2	373	December 9, 2020
Elasticsearch.yml automatically reloaded? Elasticsearch	6	2673	September 15, 2017
Error with SSL keystore when trying to do remote reindex Elasticsearch elastic-stack-security	5	3820	December 2, 2022

Elasticsearch keystore reloadable settings

Related Topics