Update security certificate with a different CA

rajvel · July 11, 2022, 5:26am

Hello Team,

As per the document , first we need to take a backup of elaticsearch.yml, the elasticsearch.yml file in the current 8 version looks different.

Enable security features

xpack.security.enabled: true

xpack.security.enrollment.enabled: true

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

xpack.security.http.ssl:
enabled: true
keystore.path: certs/http.p12

Enable encryption and mutual authentication between cluster nodes

xpack.security.transport.ssl:
enabled: true
verification_mode: certificate
keystore.path: certs/transport.p12
truststore.path: certs/transport.p12

Please advise is the document is correct we have single file for transport layer in keystore and trust store, but in the document they mentioned two different files.

rajvel · July 12, 2022, 9:27am

Hello Team,

Anyone please help me on this.

system · August 9, 2022, 9:28am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Cannot add new CA to keystore Elasticsearch elastic-stack-security	4	808	April 7, 2023
Doubts for SSL certs renew on ELK stack v8 Elasticsearch elastic-stack-security	4	572	April 26, 2022
Updating elasticsearch CA but _ssl/certificates return wrong result Elasticsearch elastic-stack-security	6	225	March 25, 2024
Problem attempting to migrate from self-signed SSL cert to a CA issued SSL cert Elasticsearch elastic-stack-security	3	570	September 16, 2019
Several question about SSL/TLS Elasticsearch elastic-stack-security	6	587	December 10, 2019

Update security certificate with a different CA

Enable security features

Enable encryption for HTTP API client connections, such as Kibana, Logstash, and Agents

Enable encryption and mutual authentication between cluster nodes

Related topics