I have installed Search Guard in LInux VM. Suppose IP is 10.123.44.99.
Now when I try to upload the data using an external tool jar file from my local machine. Even after providing root-ca.pem certificate with the truststore(which was the error) it shows another error stating that it does not recognize the IP.
Upon some googling I found that I need to add SubjectAltName in the certificate.
i.e the domain name of the VM I have deployed my elasticsearch into.
I also found out that we cannot add it in the already created certificate (here.
So if I cannot add SubjectAltName in root-ca.pem as it will disrupt the signature Is there some other possible option?
If somehow I manage to create a .pem certificate of my own. As instructed in this link.
How can I use it instead of root-ca.pem? Which seem like a complicated task cause I think other certificates are also dependent on this certificate or something.
Also, To add on to this topic.
I checked online TLS certificate generator platform of Search Guard.
Where we fill in our email, company name, and hostname and they send self signed certificates.
But it his mentioned that IP addresses are not allowed.