Hello ES & Kibana aficionados!
I'm very new to this whole topic (ES/Kibana/Network Security) and have some burning questions I'm certain you can help me out with.
General Setup:
-
Connection occurs via Citrix VPN.
-
ES & Kibana on a server inside a network as services.
-
ES has 1 node.
-
ES & Kibana are running on the same physical machine.
-
Standard passwords have been changed.
-
User passwords added to the trust store and been removed from the kibana.yml file.
-
XPACK Security is enabled and Kibana asks for login credentials.
-
Both Kibana and ES are inplemented with SSL (https://internal-ip:5601 & https://localhost:9200).
-
Cert.crt & Cert.key were created with ES's certutil and the links to the files provided in the elasticsearch.yml and kibana.yml files.
Everything is running fine so far.
Now my questions:
Did I miss a step in order to make my setup secure? Especially on the self signed certificate part.
Just generating .crt. & .key seemed a little bit too easy for my taste.
certutil just asked for the format (.pem), optional password and the name. Thats it? Did I miss a step?
Is there any good reason to set up a reverse proxy for both services (since my server is inside the network and theres only 1 node I guess a reverse proxy would be pretty much pointless or not?
Thanks in advance,
Happy loggong!
