SAML without Elasticsearch SSL (using Traefik as a reverse proxy)

Hi there,

I want to be able to use SAML with my Elasticsearch-Kibana setup in Docker, but I need to be able to use my organisation's CA cert. I do not have access to the CA's private key, so I can't use the certutil to generate certs, but I am using Traefik on the outer level to encrypt HTTP data and this works fine.

I was wondering whether it was possible to either enable TLS without the CA private key, or enable SAML without TLS (as the HTTP data is already encrypted as it goes through Traefik, fulfilling the SAML requirement). Is this a hard Elasticsearch requirement?

Thank you!

What version of Elastic are you using?

Hi Alexis,

We're running 8.7.0.

bump (again) :slight_smile:

Have you opened a ticket with support already? This forum has no SLA, but the support ticket has an SLA and can help you faster.

Since you are using SAML you must have a paid licence, so you have access to Elastic support.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.