0
Due to auditing requirements, it is necessary to encrypt all connections between the application and the elasticsearch cluster after a little googling, I realized that the elasticsearch cluster protection looks like this
- Enable x-pack: true in elasticsearch.yml
- generate CA
- copy the CA to each node in the cluster
- generate a certificate for each node (by signing it using the generated CA in paragraph 2) in this case, we will have a secure connection ONLY between the nodes in the cluster (on port 9300) inter-node tls
I have purchased an SSL certificate and the certificate files look like this STAR_rem-masters_com.ca-bundle star_rem_masters_com_certificate.crt
(I bought these certificates from sectigo) Now the question is how can these certificates be used for inter-node ssl and client-server ( application > elasticsearch ) because in all examples they use self-signed certificates that are generated using elasticsearch-certutil