i managed to run and connect to elastic with search guard in single mode and it looks great.
I setup a cluster with the exact same config and truststore and keystore for all nodes.
Is it ok from security point of view to have the same keystore & truststore for all nodes?
if not, does it mean that i if i create a keystore per node then i need to add this keystore to the truststore?
in that case, am i supposed to update the truststore file on all nodes and clients everytime i’m adding a node?
is there any best practice document that i can follow that summarizes the topic?