SSL in Elasticsearch - is it free?

mgomse · November 26, 2019, 7:54am

Good morning,

This is my first post here so I hope that I'll do everything correctly So here is my story:

I'm using https://github.com/elastic/helm-charts/tree/master/elasticsearch in my k8s cluster
I want to set SSL connection in my cluster (according to https://github.com/elastic/helm-charts/tree/master/elasticsearch#security)
Moreover I made it already! However, I'm not fully sure won't I lose it in 30 days ... That's why I created this topic - to ask won't I lost SSL communication in 30 days?

I saw in the subscriptions page that "Encrypted communications" is in the Basic plan, so I assumed that I can use it.
Moreover I found here that:

These images are free to use under the Elastic license. They contain open source and free commercial features and access to paid commercial features.

However in Elasticsearch Security: Configure TLS/SSL & PKI Authentication | Elastic Blog I found that

In order to enable security it is necessary to have either a Gold or Platinum subscription, or a trial license enabled via Kibana or API.

Also in here I've found that:

Automatically generate and apply a trial subscription, in order to enable security features.

So I started to worry that after I'll go live and after 30 days my website will stop working...

Could you tell me is SSL connection (below options) available for free in the docker.elastic.co/elasticsearch/elasticsearch:7.2.0 image and I won't loose it after 30 days?

xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.http.ssl.key: /usr/share/elasticsearch/config/certs/cert.key
xpack.security.http.ssl.certificate_authorities: /usr/share/elasticsearch/config/certs/ca.crt
xpack.security.http.ssl.certificate: /usr/share/elasticsearch/config/certs/cert.crt
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.certificate_authorities: /usr/share/elasticsearch/config/certs/ca.crt
xpack.security.transport.ssl.certificate: /usr/share/elasticsearch/config/certs/cert.crt
xpack.security.transport.ssl.key: /usr/share/elasticsearch/config/certs/cert.key

Thank you in advance for your help!

dadoonet · November 26, 2019, 8:08am

Yes this feature is included in the free basic plan now.

mgomse · November 26, 2019, 8:20am

Great, thank you very much for your quick answer @dadoonet

system · December 24, 2019, 8:20am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Secure elasticstack Elasticsearch	11	709	August 25, 2020
XPACK Security in ELK stack 7.1.1 Elasticsearch elastic-stack-security	11	3370	July 4, 2019
Elasticsearch X-Pack Subscriptions SSL Elasticsearch	3	448	October 29, 2018
Xpack without SSL/Certificates Elasticsearch elastic-stack-security	5	1725	March 19, 2021
Transport SSL must be enabled for setups with production licenses. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false] Elasticsearch	2	937	April 3, 2018

SSL in Elasticsearch - is it free?

Related Topics