Xpack setting up security

lilyevsky · December 6, 2018, 7:51pm

I am just starting with Elasticsearch 6.5.1 (our current version is 5.6).
Need to use XPack for users, passwords, etc.

Question: Do I necessarily need to setup encryption between nodes? Or I can have authentication for users, encryption for user and Kibana access, but without node-to-node encryption?

I tried to start Elasticsearch without TLS, but then I could not install the XPack license, it gave me an error:

Cannot install a [PLATINUM] license unless TLS is configured or security is disabled

But if i disable security, then I cannot use XPack at all.

ikakavas · December 14, 2018, 9:16am

Hi Leonid,

Yes, you must setup TLS for the transport layer (node-to-node encryption) in order to enable security. As mentioned in the documentation:

Clusters that do not have encryption enabled send all data in plain text including passwords and will not be able to install a license that enables X-Pack security.

system · January 11, 2019, 9:17am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Enable xpack authentication without TLS with GOLD license Elasticsearch	2	920	May 11, 2018
Having issues with elasticsearch encryption Elasticsearch license	7	485	May 6, 2020
Enabling xpack security TLS Elasticsearch elastic-stack-security	2	266	December 17, 2021
Has anyone been successful configuring "free" TLS in 7.1? Elasticsearch	9	439	June 21, 2019
Xpack security feature showing inconsistent behavior Elasticsearch elastic-stack-security , docker	2	395	December 2, 2019

Xpack setting up security

Related topics