[search-guard group] Searchguard certificate configuration in distributed environment

maybe you want to start with our preconfigured Search Guard Bundle https://github.com/floragunncom/search-guard/wiki/Search-Guard-Bundle ?

···

Am 26.10.2017 um 08:58 schrieb sankar dunga <sankardunga@gmail.com>:

Hi All,

Below is my setup configurations
* Search Guard and Elasticsearch versions : 5.5 and 5.5
* JVM version : 1.8
* operating system version : Centos 6.5

There many discussions, still I'm not able to understand configuration of certificates in elasticsearch distributed environment.

I've 2 node setup i.e. 1 master and 1 node, I'm not able to configurare this setup with searchguard. Single node setup is working fine.
I am generating certificates using below PKI scripts for single node setup.
        gen_root_ca.sh capass changeit
       gen_client_node_cert.sh spock changeit capass

my questions are:
-> Which certificate we need to create for master node ?
-> Which certificate we need to create for Storage node ?
-> Do we need to copy any truststore key from master node to storage node ?
-> Does in requires any configuration changes in elasticsearch.yml ?

Please help me to configure searchguard in distributed environment.

Thanks
Sankar

--
You received this message because you are subscribed to the Google Groups "Search Guard Community Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email to search-guard+unsubscribe@googlegroups.com.
To post to this group, send email to search-guard@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/14b39c37-cb16-4e1f-a965-277bd73ac313%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.