Hello, here we want to deploy elasticsearch by ansible. We know there is a folder certs/*, where stores key-pairs for nodes info transporation or access from kibana/logstash. My question is whether there is a way to prepare a static company signed key pair or a static set of keystore created by elasticsearch-certutil in ansible-code repo. And deploy elasticsearch everytime from ansible then use the existing one.
The certs folder is part of Elasticsearch security auto-configuration.
You don't need to use auto-configuration, and you probably don't want to if you've got an external configuration management tool like Ansible.