Elasticsearch version: 6.8.10
Server OS version: CentOS 7
Kibana version (if relevant): 6.8.10
Browser version (if relevant):
Browser OS version (if relevant):
Describe the issue:
After selecting certain ciphers ( searchguard.ssl.http.enabled_ciphers
) and restarting elasticsearch, elasticsearch complains about the following same issues as in this thread (Searchguard cipher suite issue). This is obviously becuase the other clients or Kibana is communicating with another set of ciphers. However, i was wondering if it is possible to harden the ciphers that our stack can use without having to shutdown my whole cluster and then starting it back up again after allowing the same set of ciphers on all of our elasticsearch nodes?
What happened is the following:
- I shutdown a certain elasticsearch node
- I changed the elasticsearch.yml to whitelist certain ciphers with the
searchguard.ssl.http.enabled_ciphers
option. - I restart elasticsearch on the same node again
- I get errors complaining about the ciphers, same as in Searchguard cipher suite issue
I hope you understand my question/issue.