1、环境介绍
操作系统:centos 7.9
elasticsearch版本:7.13.3
2、生成es ca证书
bin/elasticsearch-certutil ca
注意:提示输入密码:输入Smtgbk_123(自定义,后面配置文件中用到)
bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12
注意:提示输入密码:输入Smtgbk_123(自定义,后面配置文件中用到)
mkdir /data/elasticsearch/config/certs
mv /data/elasticsearch/elastic-* /data/elasticsearch/config/certs/
例子:
scp -r /data/elasticsearch/config/certs/ esmn02.wtown.com:/data/elasticsearch/config/
http.cors.enabled: true
http.cors.allow-origin: "*"
http.cors.allow-headers: Authorization
xpack.security.enabled: true
xpack.license.self_generated.type: basic
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: /data/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: /data/elasticsearch/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.keystore.password: Smtgbk_123
xpack.security.transport.ssl.truststore.password: Smtgbk_123
注意:
http.cors.enabled: true
http.cors.allow-origin: “*”
这两个参数之前配置过,注意不要重复
7、重启所有节点的es服务
查看进程号:
ps -ef | grep ela
杀死进程号:
kill -9 进程号
启动es服务:
/data/elasticsearch/bin/elasticsearch -d
/data/elasticsearch/bin/elasticsearch-setup-passwords interactive
用户名:elastic
密码:第8步设置的密码
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。
