ELK 8.2 using our ca certifiate for enrolling elastics node

Hello,
I want to use my own CA certificate in enrolling elastic nodes in the same cluster.
What are the steps to follow?
Thanks.

you create your own CA using command

/usr/share/Elasticsearch/bin/Elasticsearch-certutil cert cert --ca elastic-stack-ca.p12 --days <#days>

mkdir /etc/ealsticsearch/config
move newly created certificate to that location
cp /usr/share/Elasticsearch/elastic-stack-ca.p12 /etc/Elasticsearch/config/

make sure that certificate is own by user Elasticsearch.

add these three line in Elasticsearch.conf

xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /etc/elasticsearch/config/elastic-stack-ca.p12
xpack.security.transport.ssl.truststore.path: /etc/elasticsearch/config/elastic-stack-ca.p12

and you done.
also add same file in to all nodes you have

Hello Sachin,

It worked.

Thanks.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.