I'm trying to generate a PEM certificate for elasticsearch using elasticsearch-certutil by introducing the following line
bin/elasticsearch-certutil ca --pem
Then, the program asks me to set a name for the resulting .zip . However, when finishing executing it, no .PEM has been issued from the program into the elasticsearch root directory.
I executed the program as root, using Elasticsearch 8.11 (the latest version up to date)
I appreciate any suggestion
Hello and welcome,
This is expected, it will create a zip file with the certificate and key in PEM format, it will not create a
.pem file, it will create a
.crt and a
So, if I want to use it in logstash, do I have only to change the extension .pem?
In the Elasticsearch output?
No, you need to use just the
ssl_certificate_authorities => '/path/to/file/ca.crt'