Thanks a lot. So I am using the basic version and I believe I need to set xpack.security.transport.ssl.enabled = true
I see the document that you have included that I can use elasticsearch certl util, but does it mean that I have to install a SSL certificate on my webserver too to communicate with ES Cluster?
I just want to password protect the cluster, is it possible to achieve this without setting all these security variables?
Yes, you can just enable x-pack security in elasticsearch.yml with xpack.security.enabled: true
Run your node, and run use this tool elasticsearch-setup-passwords to setup passwords
Thanks, when I set xpack.security.enabled: true, I get message from elastic search saying I need to set xpack.security.transport.ssl.enabled: true if I am using the basic version...
I believe once xpack.security.transport.ssl.enabled is enabled I need to install some SSL certificates on the nodes (which I can see how it is done in the document that you have included). I am just wondering if I need to install an SSL certificate on my WebServer as well to communicate with the nodes? (I don't want an SSL on the web server as they are all inside a private network).
If I set xpack.security.enabled: true then I will get the following message:
Transport SSL must be enabled if security is enabled on a [basic] license. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled]
For a cluster that is running in production mode with a production license, once security is enabled, transport TLS/SSL must also be enabled. On the other hand, if we are running with a trial license, then transport TLS/SSL is not obligatory.
If we are running with a production license and we attempt to start the cluster with security enabled before we have enabled transport TLS/SSL, we will see the following error message:
Transport SSL must be enabled for setups with production licenses. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false]
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.