Thanks for the info. Somehow I missed it in the documentation.
Just to make sure that I have understood it right:
We send the data via serilog shipper to the loadbalancer.
This is how the relevant section settings.json for the serilog looks like.
Current setup still remains as it is after ssl enabling internally.
And kibana url will remains the http based like before:
But then the user login feature gets enabled and I can create users and assign roles to them.
Also I am referring to this blog:
My understanding is that I comment the lines below to keep the http based communications betweent the client and the cluster.
[root@node1 elasticsearch]# vi elasticsearch.yml
## add the following contents
## xpack.security.http.ssl.enabled: true
## xpack.security.http.ssl.key: certs/node1.key
## xpack.security.http.ssl.certificate: certs/node1.crt
## xpack.security.http.ssl.certificate_authorities: certs/ca.crt
discovery.seed_hosts: [ "node1.elastic.test.com" ]
cluster.initial_master_nodes: [ "node1" ]