mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-04-24 23:27:25 -04:00
255c9a7f95
**Problem:** For historical reasons, source files for the Elasticsearch Guide's security, watcher, and Logstash API docs are housed in the `x-pack/docs` directory. This can confuse new contributors who expect Elasticsearch Guide docs to be located in `docs/reference`. **Solution:** - Move the security, watcher, and Logstash API doc source files to the `docs/reference` directory - Update doc snippet tests to use security Rel: https://github.com/elastic/platform-docs-team/issues/208
17 lines
799 B
Text
17 lines
799 B
Text
[role="xpack"]
|
|
[[pki-realm]]
|
|
=== PKI user authentication
|
|
|
|
You can configure {es} to use Public Key Infrastructure (PKI) certificates to
|
|
authenticate users. In this scenario, clients connecting directly to {es} must
|
|
present X.509 certificates. First, the certificates must be accepted for
|
|
authentication on the SSL/TLS layer on {es}. Then they are optionally
|
|
further validated by a PKI realm. See <<pki-realm-for-direct-clients>>.
|
|
|
|
You can also use PKI certificates to authenticate to {kib}, however this
|
|
requires some additional configuration. On {es}, this configuration enables {kib}
|
|
to act as a proxy for SSL/TLS authentication and to submit the client
|
|
certificates to {es} for further validation by a PKI realm. See
|
|
<<pki-realm-for-proxied-clients>>.
|
|
|
|
include::configuring-pki-realm.asciidoc[]
|