SSL Certificates and Stores

Hi,

I am installing Kibana and Elasticsearch on separate nodes. I have installed searchguard plugins for both, elasticsearch and kibana. This works well when both are deployed on a same node. For that, i exported the root-ca.pem file from truststore and added its path in kibana config and it runs well.

I want to deploy these on separate nodes, i tried exporting the root-ca.pem file and transferred to the kibana node, added its path but it raises errors like “Unable to get local issuer certificate” and some “127.0.0.1” and localhost.

My take is that while installing searchguard, i ran the demo_configuration which has a hard-coded keystore and truststore data, meant to be used on localhost. Now what should i do to create my own keystore and truststore and make elasticsearch to use that one i created. Also how to make kibana run, on the other node, to verify elasticsearch’s certificate and all that.

I tried creating my own certficates, CA, truststore and keystore but could not make it run. I also import my own-created self-signed certificates in pre-built keystore and truststore but did not work.

Can you tell me what i am doing wrong, or there is other way to achieve this???