bootstrap.password is a transient password derived from the
keystore.seed which is auto-generated, and is meant to be used only to set the passwords of the built in users. You should not use this instead and you can not use this instead as:
- There is no API to read
keystore.seed from the Elasticsearch keystore so that you can use it in authenticated API requests
- Even if you set the
bootstrap.password yourself in the Elasticsearch keystore, this password can subsequently only be used for the
elastic user and not the rest of the built in users.
There are no advantages and disadvantages to think about in this specific case as there are no alternatives. The strongly suggested and only supported way is to follow the documentation and set the built-in users passwords.