Https:9200 without user/password and certificate

Can I setup elasticsearch, so I can use curl like this

curl https://server:9200

if yes what are the settings in yml

Hi @elasticforme

HTTPS by definition requires a CA and TLS certificate for elasticsearch.

Are you asking if you then can curl without providing a CA?

If that the question.

The answer to that is Yes provided

  1. the certificates are publicly signed and trusted
  2. If self signed / corporate signed the CA would need to be instead in the host's trust store.

With respect to HTTPS and no u/p would need to check I am not sure that is a valid config... Certainly unusual... Encrypt traffic but no login ...what is the point?

1 Like

ok so I can use
curl -k to ignore providing certificate but how do I disable user/password?

what is the point? i don't know at this time either. few people testing something and I am helping on elastic side.

Why not just turn off all security then...

xpack.security.enabled: false

You will need to test. I'm not at my desk to test the configuration you want.

Yes the -k to ignore cert check

I already did disable whole security, and it work.

but they want to test https:9200 without username/password

Like I said I'm away from the keyboard...

Did you try leaving the http ssl enabled with the settings...

xpack.security.http.ssl:
  enabled: true
....

With the other setting off?

You should be able to do that by configuring anonymous access.

1 Like