If I use Search Guard in production, I replace the certs with my own certs and set up the security configs correctly. Can I rely on searchguard.allow_default_init_sgindex: true to initialize the security index during bootstrap? Is there any concern with using this configuration in production?
Also, could you explain the difference between the allow_default_init_sgindex: true config and the sgadmin tool? Is it that sgadmin can hot-load the configs without requiring a node restart, while allow_default_init_sgindex: true is used during bootstrap?
searchguard.allow_default_init_sgindex: true will initialize the cluster on bootstrapping only (that means once a cluster is initialized, the setting becomes irrelevant. A cluster is initialized when the searchguard index exists and the configuration was loaded).
We do not recommend it for production usage (therefore the default is false) because for a normal setup the default config would be loaded (from plugins/search-guard-VERSION/sgconfig/), which is unsafe in case they are not modified before the node starts. It's also not predictable from which node the configs will be loaded. If you make sure that the configs on all nodes are production ready (with no default users and passwords), then you might use it in production.
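Added example, not part of the original reply and not Search Guard's own tooling: a pre-flight check for the two risks named above, run over copies of each node's sgconfig directory before enabling the setting. The function names, the sample data and the `default_users` set are assumptions; so is the layout of `sg_internal_users.yml`, taken here to have user names as top-level keys.

```python
import hashlib
import tempfile
from pathlib import Path

def digest_tree(sgconfig_dir):
    """Map each YAML file name in one node's sgconfig directory to its SHA-256."""
    return {p.name: hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(Path(sgconfig_dir).glob("*.yml"))}

def top_level_keys(yaml_path):
    """Top-level YAML keys, read without a YAML library (assumed to be user names)."""
    keys = set()
    for line in Path(yaml_path).read_text().splitlines():
        if line and not line[0].isspace() and not line.startswith("#") and ":" in line:
            keys.add(line.split(":", 1)[0].strip())
    return keys

def preflight(node_dirs, users_file, default_users):
    """Return a list of findings; an empty list means both checks passed."""
    findings = []
    digests = {node: digest_tree(d) for node, d in node_dirs.items()}
    all_files = set().union(*(d.keys() for d in digests.values()))
    # Any node may end up loading the index, so every node must hold identical files.
    for name in sorted(all_files):
        seen = {node: d.get(name) for node, d in digests.items()}
        if len(set(seen.values())) > 1:
            findings.append(f"{name}: differs or is missing across nodes {sorted(seen)}")
    # No node may still carry a user from the shipped default configuration.
    for node, d in sorted(node_dirs.items()):
        path = Path(d) / users_file
        hits = sorted(top_level_keys(path) & default_users) if path.exists() else []
        if hits:
            findings.append(f"{node}: default users still present: {hits}")
    return findings

def build_sample():
    """Constructed sample data: sgconfig copies from two nodes, in a temp dir."""
    root, dirs = Path(tempfile.mkdtemp()), {}
    for node, extra in (("node1", ""), ("node2", "admin:\n  hash: PLACEHOLDER\n")):
        d = root / node / "sgconfig"
        d.mkdir(parents=True)
        (d / "sg_internal_users.yml").write_text(extra + "svc_ingest:\n  hash: PLACEHOLDER\n")
        (d / "sg_roles.yml").write_text("sg_ingest:\n  cluster: []\n")
        dirs[node] = d
    return dirs

if __name__ == "__main__":
    # {"admin"} is a constructed list; fill it from the defaults shipped with your version.
    for finding in preflight(build_sample(), "sg_internal_users.yml", {"admin"}):
        print(finding)
```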