Hello everyone, such a question, I recently set up elasticsearch 7.17, when I created certificates, I caught myself thinking that I didn’t fully understand the meaning, I hope you can help me.
as I understand it, there are three degrees of protection, this is protection between the nodes themselves in the cluster, then there is protection when third-party clients contact (which, as I understand it, kibana is), and the third is protection when accessing kibana through a browser, is it correct I got it?
When creating a config for connecting logstash to a secure elasticsearch cluster, the certificate that was created for kibana is indicated elasticsearch-ca.pem so the question is, why do we add a kibana certificate, and do not create, for example, 2 separate certificates for logstash?
as I understand it, there are three degrees of protection, this is protection between the nodes themselves in the cluster, then there is protection when third-party clients contact (which, as I understand it, kibana is), and the third is protection when accessing kibana through a browser, is it correct I got it?
Yes, your understanding is absolutely right.
When creating a config for connecting logstash to a secure elasticsearch cluster, the certificate that was created for kibana is indicated elasticsearch-ca.pem so the question is, why do we add a kibana certificate, and do not create, for example, 2 separate certificates for logstash?
This point is not very clear for me.
But with what I understood, when you connect with elasticsearch, in the logstash config file output, you need to provide the certificate of elasticsearch as it authenticates with the certificate inside elasticsearch and then the handshake happens and the data will get transmitted to elasticsearch.
Try explaining your 2nd point in more detail so that we can guide further.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.