如何解决使用现有证书的 Elasticsearch SSL 配置
我正在尝试使用我自己的 company.cer 文件进行 elasticsearch 的 ssl 配置。
但是,我在某些情况下失败了。
第一种情况,我在下面的配置中使用证书文件的cer扩展
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.certificate: company.cer
xpack.security.http.ssl.certificate_authorities: company.cer
xpack.security.transport.ssl.certificate: company.cer
xpack.security.transport.ssl.certificate_authorities: company.cer
第二种情况我用pfx试过,
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: company.pfx
xpack.security.transport.ssl.truststore.path: company.pfx
xpack.security.transport.ssl.keystore.password: password
xpack.security.transport.ssl.truststore.password: password
xpack.security.http.ssl.keystore.password: password
xpack.security.http.ssl.truststore.password: password
密码是pfx 文件的密码。但是这个配置没有用。
然后,我尝试使用以下配置通过 OpenSSL From This Link 生成 crt、密钥文件。
xpack.security.enabled: true
xpack.security.http.ssl.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.http.ssl.key: company.key
xpack.security.http.ssl.certificate: company.crt
xpack.security.http.ssl.certificate_authorities: company.crt
xpack.security.transport.ssl.key: company.key
xpack.security.transport.ssl.certificate: company.crt
xpack.security.transport.ssl.certificate_authorities: company.crt
如何从 cer 或 pfx 文件配置 Elasticsearch SSL?
感谢回答
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。