in Kibana.yml, there are: #Optional settings that provide the paths to the PEM-format SSL certificate and key files. #These files validate that your Elasticsearch backend uses the same key files.
elasticsearch.ssl.certificate:
elasticsearch.ssl.key:
What does " validate that your Elasticsearch backend uses the same key files." mean? Does it mean the certificate and key to be set there are the same as the ones used for elasticsearch node?
It said that "Optional settings". Then when must we set it?
Are you looking to serve kibana over https or pass a certificate and key to elasticsearch? The comment is referring to passing certificates along with each request to elasticsearch, and elasticsearch is configured to only accept requests that have these certificates. It's not a common workflow until we support full PKI - https://github.com/elastic/kibana/issues/7341.
Is it possible we want server.ssl.certificate/server.ssl.key?
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.