Is /etc/elasticsearch/trust.yml mandatory or optional? I am using it on-premises

Hi Folks,
Thanks to all members for their help and support.

I need opinion for both Single Node and Cluster in Elasticsearch.

“Is not referencing the /etc/elasticsearch/trust.yml file in /etc/elasticsearch/elasticsearch.yml, and not creating it as /etc/elasticsearch/trust.yml, considered a significant security risk?

What are the potential implications of omitting it in a cluster environment?

In my current setup, I’m not using this file, and the cluster is still forming successfully — does this pose any operational or security concerns?”

Is it a mandatory field or optional?

What if I don't use it?

@Varinder What version are you on?

No, no security risk.

That file is only used when connecting to remote clusters AND that method is now deprecated.

That file is only used if you define it with the following setting, which is only used when connecting to remote clusters:

xpack.security.transport.ssl.trust_restrictions.path

So, tl;dr: you are fine leaving it out.

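For readers checking their own elasticsearch.yml against the answer above, here is an added example (not from this thread, and not Elastic's own sample configuration) of a plain self-managed 8.x transport TLS block next to the optional trust restrictions setting. The file paths, hostnames and patterns are constructed placeholders. The point it illustrates is the one made above: the trust restrictions file is only read when xpack.security.transport.ssl.trust_restrictions.path is set, so a node with the standard keystore/truststore settings and no such line never looks for /etc/elasticsearch/trust.yml.

```yaml
# --- /etc/elasticsearch/elasticsearch.yml (constructed example) ---
xpack.security.enabled: true

# Transport-layer TLS between nodes: mutual authentication against the
# certificates in the keystore/truststore. This is the normal, sufficient setup.
xpack.security.transport.ssl.enabled: true
# "certificate" checks the chain only; "full" additionally checks that the
# node hostname/IP matches the certificate, so prefer "full" where your certs carry SANs.
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/transport.p12   # assumed path
xpack.security.transport.ssl.truststore.path: certs/transport.p12 # assumed path

# OPTIONAL: only when this line is present does the node load the trust
# restrictions file below. Leave it commented out and trust.yml is not needed.
# xpack.security.transport.ssl.trust_restrictions.path: /etc/elasticsearch/trust.yml

# --- /etc/elasticsearch/trust.yml (constructed example; only read if the path above is set) ---
# Narrows trust within a shared CA: of all certificates the truststore would
# accept, only those whose name matches one of these patterns are trusted.
# trust.subject_name:
#   - "*.node.example.internal"
#   - "remote-cluster-*.example.internal"
```

In practice the settings a node actually honours are the ones in the official transport SSL settings reference for your version; if a setting from an internal runbook is not in that reference, treat it as unsupported rather than as a hidden requirement.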

Hi @stephenb ,

Thanks for your valuable answer. I am on ES 8.19.3

Now ES cluster is forming without any issue.
Do I need to execute step 5, or is it optional/redundant?

What documents are you following?

And what version of the stack are they supposed to be for? I do not recognize that document

Here are the official settings for transport ssl for 8.19


Actually, this is not any official document. It is just one document from my company. I am verifying this document by my own research (searching the ES documentation, then testing).

“This configuration I am asking about is for Elasticsearch 8.19.3.”

Really hard for us to comment on the correctness of external documents, especially when we only see tiny selected pieces.

As I mentioned, that setting does not even exist in the documented settings for 8.19 in our official documentation that I shared above.

That is not a normal part of a normal installation. Perhaps your company has some very specific requirements for very specific versions, which I cannot comment on.

Normal Good Certificate hygiene is most important.


Thank you, Stephen — really appreciate your clarification. I see your point.

Yes, this is indeed an internal company document, and I completely understand that it’s hard to comment on third-party or partial snippets.

I’m currently verifying it on my own by comparing every setting with the official 8.19.3 documentation and also testing it directly on my environment.

Your note about proper certificate hygiene is so true — I will make sure to align the configuration with the documented and supported settings for ES 8.19.3.

Thanks again for your knowledge and guidance. I really appreciate this.
