How to authenticate via a transport client certificate?

Hi, I have enabled search guard on a development cluster, currently i am using the keystore.jks and truststore.jks files on the same machine to authenticate the transport client, i want to know if we can change this? i.e my transport client application and the elasticsearch cluster running on different machines? what properties do i need to set in this case ?

Thanks,

Sure, that’s absolutely possible. There’s a 2 part article on our blog explaining how to implement auth/auth with a transport client. The code samples are still based on ES 2.x, but you should not have any problems porting it to ES 5.x, the concepts are the same:

https://floragunn.com/searchguard-elasicsearch-transport-clients/
https://floragunn.com/transport-client-authentication-authorization/

···

On Friday, May 26, 2017 at 8:24:59 AM UTC+2, Kumar D wrote:

Hi, I have enabled search guard on a development cluster, currently i am using the keystore.jks and truststore.jks files on the same machine to authenticate the transport client, i want to know if we can change this? i.e my transport client application and the elasticsearch cluster running on different machines? what properties do i need to set in this case ?

Thanks,

In a nutshell you simply need to load the SG plugin and use the same elasticsearch.yml SG options