I'm trying to generate a PEM certificate for elasticsearch using elasticsearch-certutil by introducing the following line
bin/elasticsearch-certutil ca --pem
Then, the program asks me to set a name for the resulting .zip . However, when finishing executing it, no .PEM has been issued from the program into the elasticsearch root directory.
I executed the program as root, using Elasticsearch 8.11 (the latest version up to date)
I appreciate any suggestion
Hello and welcome,
This is expected, it will create a zip file with the certificate and key in PEM format, it will not create a .pem file, it will create a .crt and a .key file.
So, if I want to use it in logstash, do I have only to change the extension .pem?
In the Elasticsearch output?
No, you need to use just the .crt file.
ssl_certificate_authorities => '/path/to/file/ca.crt'
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.