mirror of
https://github.com/elastic/elasticsearch.git
synced 2025-06-29 18:03:32 -04:00
9e9a8cc7d0
We (mostly I) were initially advocating for the auto-generated files to use unique names (the name containing a timestamp particle), in order to avoid that subsequent invocations of the config step conflict with itself. Moreover, I was wishing that these files will not have to be handled directly by admins (that the enrollment process was to be used). However, experience proved us otherwise, admins have to manipulate these files, and unique configuration names are hard to deal with in scripts and docs, so this PR is all about using a fixed name for all the generated files. _Labeling as a bug fix because the feedback is that it very negatively impacts usabilty._ Closes https://github.com/elastic/elasticsearch/issues/81057
18 lines
653 B
Text
18 lines
653 B
Text
[role="exclude"]
|
|
===== Security certificates and keys
|
|
|
|
When you install {es}, the following certificates and keys are
|
|
generated in the {es} configuration directory, which are used to connect a {kib}
|
|
instance to your secured {es} cluster and to encrypt internode communication.
|
|
The files are listed here for reference.
|
|
|
|
`http_ca.crt`::
|
|
The CA certificate that is used to sign the certificates for the HTTP layer of
|
|
this {es} cluster.
|
|
|
|
`http.p12`::
|
|
Keystore that contains the key and certificate for the HTTP layer for this node.
|
|
|
|
`transport.p12`::
|
|
Keystore that contains the key and certificate for the transport layer for all
|
|
the nodes in your cluster.
|