Xpack setting up security

lilyevsky · December 6, 2018, 7:51pm

I am just starting with Elasticsearch 6.5.1 (our current version is 5.6).
Need to use XPack for users, passwords, etc.

Question: Do I necessarily need to setup encryption between nodes? Or I can have authentication for users, encryption for user and Kibana access, but without node-to-node encryption?

I tried to start Elasticsearch without TLS, but then I could not install the XPack license, it gave me an error:

Cannot install a [PLATINUM] license unless TLS is configured or security is disabled

But if i disable security, then I cannot use XPack at all.

ikakavas · December 14, 2018, 9:16am

Hi Leonid,

Yes, you must setup TLS for the transport layer (node-to-node encryption) in order to enable security. As mentioned in the documentation:

Clusters that do not have encryption enabled send all data in plain text including passwords and will not be able to install a license that enables X-Pack security.

system · January 11, 2019, 9:17am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Enable xpack.security but not password authentication Elasticsearch elastic-stack-security	3	1102	August 22, 2023
Setting xpack.security.enabled = true Elasticsearch elastic-stack-security	8	25489	June 29, 2019
Transport SSL must be enabled for setups with production licenses. Please set [xpack.security.transport.ssl.enabled] to [true] or disable security by setting [xpack.security.enabled] to [false] Elasticsearch	2	937	April 3, 2018
Puzzled about message: Configuring TLS will be required to apply a Gold or Platinum license when security is enabled Elasticsearch	4	837	June 5, 2018
XPACK Security in ELK stack 7.1.1 Elasticsearch elastic-stack-security	11	3370	July 4, 2019

Xpack setting up security

Related Topics