Thanks, this is the best info we've found on this!
We were making progress until we started trying to use https://localhost:9200. The first app was Kibana, we found a post saying you "must" use
Of course, it didn't say why (I'll bet onlocalhost validation failure), but it lets Kibana mostly work except for monitoring, which is probably these errors:
["license","warning","xpack"],"pid":216709,"message":"License information fr
om the X-Pack plugin could not be obtained from Elasticsearch for the [monitoring] cluster. Error: No Living connections"}
So far I haven't been able to find the equivalent option for xpack monitoring verification mode.
I started working on logstash and got it somewhat working, but it generates so many log messages starting with
** WARNING ** You have enabled encryption but DISABLED certificate verification
that we will drown in our own log volume.
What is the best practice here? While most of our ingest to port 9200 will be from localhost, there may well be some over the network, so it should use TLS. Can "localhost" be added to the cert? (We used an InCommon cert here, it will eventually be a san cert with all the hosts in the stack listed).
We are testing on 6.6.1.