XPack Watches + HTTP INput + Mutual Auth

Can we create Watches with REST http input that needs mutual auth certs?

Yes, you can (asusming you have a license that allows for the use of Watcher).

You need to configure this in the elasticsearch.yml configuration file by setting something like:

# Using a PKCS#12 keystore
xpack.http.ssl.keystore.path: path/to/keystore.p12 
# Using PEM
xpack.http.ssl.certificate: path/to/cert.pem 
xpack.http.ssl.key path/to/key.pem 

There is only a single configuration that is applied to all watcher actions. I would recommend using a PKCS#12 keystore, as that will allow you to have multiple certificate+key pairs, and it should pick the correct certificate for the destination server.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.