Recreate the automatically generated certificates

Sorry for the beginner question, but I am having trouble regenerating the certificates that were made at deployment. I'm not familiar with how certificates work so I was hoping there might be a script that just regenerates them? I changed the ip of my elasticsearch server and the certificate was apparently bound to the initial ips. I prematurely deleted the certs inside the /config/certs directory and now I'm stuck. Anyone know how I can fix this without a full reinstall?


Regenerating certificates for Elasticsearch can be done using the Elasticsearch certutil tool.


The basic steps are

Create CA

./bin/elasticsearch-certutil ca

Create Transport Certs

./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

Create http certs

./bin/elasticsearch-certutil http

Move all the certs to the correct directories and make sure they are readable.

Detailed Steps are Here as well

And i have some examples here...

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.