Enabling ssl on intra-node communication in cluster?

vhj · June 3, 2015, 6:41pm

A google search for enabling ssl on elasticsearch returns nothing but hits about enabling this for the the http communication.

What about the communication between the nodes in a cluster? The ones described here:

By default, anyone sniffing the packets between cluster nodes can see all the documents being sent between the nodes in plain text. How can this be secured?

nik9000 · June 3, 2015, 6:57pm

Have a look at
https://www.elastic.co/guide/en/shield/current/separating-node-client-traffic.html

I'm not sure how much of that works without Shield.

Nik

vhj · June 4, 2015, 8:51pm

thanks nik, looks like Shield is the only way to go.

rectalogic · June 5, 2015, 7:23pm

We used ipsec transport layer encryption to do this without Shield.

https://blog.rectalogic.com/2015/03/ipsec-private-subnet.html

Topic		Replies	Views
Building Our Own Security for Inter-Node Communication in ES Cluster? Elasticsearch	4	1063	July 5, 2017
Rest Client - Encrypted Communication Elasticsearch	3	806	February 8, 2017
Unable to enable https and internode communication in 2 node cluster Elasticsearch elastic-stack-security	17	1540	June 18, 2020
TLS/SSL for cluster communications? Elasticsearch	3	325	July 6, 2017
Shield: node-to-node communication performance Elasticsearch	4	894	July 6, 2017

Enabling ssl on intra-node communication in cluster?

Related topics