Elastic安全配置开启xpack
1、生成证书
创新互联是一家专注于成都网站设计、做网站与策划设计,石景山网站建设哪家好?创新互联做网站,专注于网站建设十余年,网设计领域的专业建站公司;建站业务涵盖:石景山等地区。石景山做网站价格咨询:18980820575
bin/elasticsearch-certutil ca
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
mv bin/elastic-certificates.p12 config/
mv bin/elastic-stack-ca.p12 config/
2、编辑elasticsearch.yml
开启xpack
xpack.security.enabled: true
3、开启集群中https传输
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
4、开启api接口https传输
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: elastic-certificates.p12
xpack.security.http.ssl.truststore.path: elastic-certificates.p12
xpack.security.http.ssl.client_authentication: none
xpack.ssl.verification_mode: none
5、自动生成密码
bin/elasticsearch-setup-passwords auto
6、配置kibana.yml
因为开启了elastic https传输所以要把http改为https
elasticsearch.hosts: ["https://localhost:9200"]
配置刚刚生成的kibana用户名和密码,否则启动kibana会报错
elasticsearch.username: "kibana"
elasticsearch.password: "puVIrhabjDNOMFCybZZj"
ssl证书认证为none
elasticsearch.ssl.verificationMode: none
网站标题:Elastic安全配置开启xpack
网站链接:http://lswzjz.com/article/pdsjeg.html