Generate CSR / Template to the SSL certificate


I have a question about adding non self-sign certificates to Elastic Stack.

What is the issue of generating CSRs and what is required in the template for certifications for Elastic Stack?

What encryption with certificates is possible in Elastic Stack? The standard self certificates are RSA 2048-bit. Can algorithms with elliptic curves be used?

Someone can give some more hints on this topic?
Unfortunately the documentation is very basic (elasticsearch-certutil | Elasticsearch Guide [7.13] | Elastic - CSR Mode).

There are no specific ES limitations to certificate encryption afaik. It's all the same as the OpenJDK limitation, depending on what version of ES you're using. Most recents are OpenJDK11.
As for CSRs, the certutil only creates self-signed certificates, it's basically an extra CLI for openssl.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.