Configure HTTPS for Elasticsearch

Elasticsearch Nov 04, 2022

1.       Generate CA and key for ELK stack

./bin/elasticsearch-certutil ca

2.       Generate certs and its key for nodes (in the cluster, do the same for each node)

./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

3.       Config the node inter communication - elasticsearch.yml true certificate required elastic-certificates.p12 elastic-certificates.p12

if there is a password for the private key then add it to elasticsearch keystore.

./bin/elasticsearch-keystore add

./bin/elasticsearch-keystore add

4.       Generate cert and its key for https config

./bin/elasticsearch-certutil http

It generated file:

|_ README.txt
|_ http.p12
|_ sample-elasticsearch.yml

|_ README.txt
|_ elasticsearch-ca.pem
|_ sample-kibana.yml

5.       From Elasticsearch, use the key http.p12 from previous step - elasticsearch.yml true http.p12

if there is a password for the private key, then add it to elasticsearch keystore.

./bin/elasticsearch-keystore add

6.       From Kibana, use the cert elasticsearch-ca.pem from the previous step – kibana.yml

elasticsearch.ssl.certificateAuthorities: elasticsearch-ca.pem

elasticsearch.hosts: https://:9200


Dai (Bato) Quach

Integration Architect | SAP Integration Suite / PO Consultant | AWS Solutions Architect

Great! You've successfully subscribed.
Great! Next, complete checkout for full access.
Welcome back! You've successfully signed in.
Success! Your account is fully activated, you now have access to all content.