I am trying to configure Searchguard plugin for our Elasticsearch 4 node cluster.
Basically my goal is to forward logs to Elasticsearch through HTTPS from all the sources like Kubernetes, Nginx and Jenkins machines, and also access Elasticsearch from kibana with HTTPS.
How many certificates it’s needed? and what kind of certificates its needed?
by using our SSL tool create total 4 keys and 2 root certs(elastic-server.example.com.key, elastic-server.example.com.pem, rootca.pem and elastic-elient.example.com.key, elastic-client.example.com.pem, rootca-client.pem)
- CN=elastic1-0.example.com,OU=Corp,O=example EX, Inc.,DC= example,DC=net
- CN= elastic1-1.example.com,OU=Corp,O=example EX, Inc.,DC= example,DC=net
- CN= elastic1-2.example.com,OU=Corp,O=example EX, Inc.,DC= example,DC=net
- CN= elastic1-3.example.com,OU=Corp,O=example EX, Inc.,DC= example,DC=net
- CN=elastic-client.example.com,OU=Corp,O= example EX, Inc.,DC= example,DC=net
i am not able to connect to elastic cluster from outside through HTTPS and also getting below error.
./sgadmin.sh -cd …/sgconfig/ -icl -nhnv -cacert /etc/elasticsearch/ssl/root-client.pem -cert /etc/elasticsearch/ssl/elastic-client.example.com.pem -key /etc/elasticsearch/ssl/elastic-client.example.com.key
WARNING: JAVA_HOME not set, will use /bin/java
Search Guard Admin v6
Will connect to localhost:9300 … done
Unable to check whether cluster is sane: Cannot authenticate null
Connected as CN=elastic-client.example.com,OU=IT,O=example,L=ss,ST=wa,C=US
ERR: CN=elastic-client.example.com,OU=IT,O=Example,L=ss,ST=WA,C=US is not an admin user
Seems you use a client certificate but this one is not registered as admin_dn
Make sure elasticsearch.yml on all nodes contains:
*- “CN=elastic-client.example.com,OU=IT,O=example,L=ss,ST=wa,C=US” *
Elasticsearch service is running on all the nodes, please someone suggest me whether am following correct procedure or not, Thanks.
Could someone please give me some idea what are/kind the certificates needs to generate for Elastic Cluster to access Elastic cluster from outside through HTTPs and also node to node communication through HTTPS.
I have installed Elastic and kibana 6.5.4 versions.