I am using
spring-boot 2.1.6.RELEASE and
elasticsearch-rest-high-level-client 7.4.2 . At present
I am working on enabling security for all communication to an Elasrticsearch including communication to/from my application. My application runs on HTTPS.
So think, in Elastic search, I need to secure two-level of communication,
- Transport communications (Elasticsearch Internal communication)
- HTTP communications. (Elastic search communication with my Application)
For securing Transport communication, I created a certificate authority for the Elasticsearch cluster using the elasticsearch-certutil ca command and it generates the single output file elastic-stack-ca.p12. In my spring-boot application, I am creating a
high-level REST client with x-pack + TLS using this example and it's working absolutely fine.
- What do I need to secure the HTTP communication?
- Should I create a
high-level REST' client using the certificates that I created usingelasticsearch-certutil
or using the certificate that I created to enable SSL (HTTPS) support for my Spring Boot application? or should I need both the certificates while creatinghigh-level REST' client in my code
- Can't I use a single certificate for both i.e. for my
elastic searchto enable SSL (HTTPS) support?