Hello,
I want to use my own CA certificate in enrolling elastic nodes in the same cluster.
What are the steps to follow?
Thanks.
you create your own CA using command
/usr/share/Elasticsearch/bin/Elasticsearch-certutil cert cert --ca elastic-stack-ca.p12 --days <#days>
mkdir /etc/ealsticsearch/config
move newly created certificate to that location
cp /usr/share/Elasticsearch/elastic-stack-ca.p12 /etc/Elasticsearch/config/
make sure that certificate is own by user Elasticsearch.
add these three line in Elasticsearch.conf
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/config/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/config/elastic-stack-ca.p12
and you done.
also add same file in to all nodes you have
Hello Sachin,
It worked.
Thanks.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.