Hi, I have a three-node cluster version 716.2 and I want to upgrade it to 7.17.7. in my current cluster, TLS setting is activated by following:
xpack.security.enabled: true xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12 xpack.security.http.ssl.enabled: true xpack.security.http.ssl.keystore.path: http.p12
in the case of upgrading in this [link] (Rolling upgrades | Elasticsearch Guide [7.17] | Elastic), it is said that we should copy old config folder data to the new elasticsearch config file. it means we should also copy lastic-certificates.p12 , http.p12 ,role_mapping, role.yml, users, users_roles , ... files. Is it true?
Also, when we were installing elasticsearch 7.16.2, we use below commands to set keystore password, Is it needed to do them again in the new version?
elasticsearch-keystore add xpack.security.transport.ssl.keystore.secure_password
elasticsearch-keystore add xpack.security.transport.ssl.truststore.secure_password
elasticsearch-keystore add xpack.security.http.ssl.keystore.secure_password
I will be so appreciated of your helpful guide