I’m sorry, but I do not understand your question and how SG is related to the linked diagram.
When using TLS with Search Guard, the handshake takes place between the client (transport and REST) and Search Guard/Netty. We terminate TLS and pass down the unencrypted traffic to ES. Same is true for the other way round, we encrypt traffic coming from ES before handing it out to the client. Same principle as TLS on a regular webserver in principle.
On Tuesday, 8 November 2016 18:42:01 UTC+2, email@example.com wrote:
I am study searchguard and reading about it. I would like to know please how to map the variables searchguard.ssl.transport.* and searchguard.ssl.http.* of elasticsearch.yml on to the next figure of the TLS/SSL architecture. Where is used the each key?