I am using spring-boot 2.1.6.RELEASE
and elasticsearch-rest-high-level-client 7.4.2
. At present
I am working on enabling security for all communication to an Elasrticsearch including communication to/from my application. My application runs on HTTPS.
So think, in Elastic search, I need to secure two-level of communication,
- Transport communications (Elasticsearch Internal communication)
- HTTP communications. (Elastic search communication with my Application)
For securing Transport communication, I created a certificate authority for the Elasticsearch cluster using the elasticsearch-certutil ca command and it generates the single output file elastic-stack-ca.p12. In my spring-boot application, I am creating a high-level REST client
with x-pack + TLS using this example and it's working absolutely fine.
- What do I need to secure the HTTP communication?
- Should I create a
high-level REST' client using the certificates that I created using
elasticsearch-certutilor using the certificate that I created to enable SSL (HTTPS) support for my Spring Boot application? or should I need both the certificates while creating
high-level REST' client in my code - Can't I use a single certificate for both i.e. for my
application
and forelastic search
to enable SSL (HTTPS) support?