Setting up Xpack security - stuck

Hello everyone,

I recently setup a 3 server cluster of Elasticsearch, 2 server cluster of Logstash, and 1 Kibana server. Before I attempted to turn on https and xpack everything worked like a charm. I know I am getting confused around the certificates and CAs aspect.

I tried to make a CA on the master elasticsearch server and create keys to be used. For SSL I tried to create a wild card cert/chain to use on all of the servers using our domain CA.

We have our own CA and I am not really sure the best way to setup this all up. I would like to use our domain CA for as much as possible.

Below is what I have setup in the .yml file in elasticsearch: # accept request from remote true true certificate certs/elasticsearch01.key certs/elasticsearch01.crt [ "/etc/elasticsearch/certs/ca.crt" ] true certs/http.key certs/http.crt [ "/etc/elasticsearch/certs/cachaincertificate.crt" ] optional

http.cors.enabled: true
http.cors.allow-origin: ""
http.cors.allow-methods : OPTIONS, HEAD, GET, POST, PUT, DELETE
http.cors.allow-headers : Authorization, X-Requested-With,X-Auth-Token,Content-Type, Content-Length

I have changed the name of some of the certs/website.

Hi ,

Is there a specific question we can help you with ? What is the problem / error you are getting with the configuration you tried ?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.