I stored the keystore/truststore passwords in elasticsearch-keystore tool. But searchguard is not able to read it from the elasticsearch-keystore tool.
Is searchguard supports reading from elasticsearch-keystore?
I don’t want to store the plain text passwords in elasticsearch.yml file and environment variable.
No, it is not supported by Search Guard because it’s not really secure. And here is why:
“The elasticsearch keystore currently only provides obfuscation. In the future, password protection will be added.” (Secure settings | Elasticsearch Guide [6.7] | Elastic)
So what real additional security do you gain from using elasticsearch-keystore?
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.