Elasticsearch 8 Security Tutorial - Configuring SSL, TLS, and HTTPS
Elasticsearch 8 Security Tutorials
Elasticsearch 8 Security Tutorial - Set password Elasticsearch 8 Security Tutorial - Configuring SSL, TLS, and HTTPS Elasticsearch 8 Security Tutorial - Store credentials using keystore Elasticsearch 8 Tutorial - Configuring Elasticsearch and Kibana with Credentials and SSL Elasticsearch 8 Tutorial - Integrate Azure AD OIDC in Elasticsearch and Kibana Elasticsearch 8 Tutorial - Configuring Elasticsearch SSL/HTTPS with CA issued Digital Certificate
Video
This tutorial is explained in the below Youtube Video.Implementation
Elasticsearch has two levels of communications, transport communications and http communications. We will look at the security of the two levels of communications in detail.Create and use PKCS12 certificate for http communications
Http communication is the communication between elasticsearch and various clients like browser, postman, spring boot client applications.
We will be using the elasticsearch-certutil command for the creation of certificates. This tool assists you in the generation of X.509 certificates and certificate signing requests for use with SSL/TLS in the Elastic stack.
-
Generate new certificate authority
elasticsearch-certutil ca
The 'ca' mode generates a new 'certificate authority' This will create a new X.509 certificate and private key that can be used to sign certificate when running in 'cert' mode.
-
Generate X.509 certificate
We make use of the above created certificate authority to generate the certificate.elasticsearch-certutil cert --ca elastic-stack-ca.p12