Encrypt SSL Keystore/Truststore Password Properties in opensearch.yml

Versions (relevant - OpenSearch/Dashboard/Server OS/Browser):

OpenSearch v1.3.10

Describe the issue:

Looking solution on how to encrypt SSL keystore/Truststore password properties in opensearch.yml


Following are the properties needs to be encrypted:

Relevant Logs or Screenshots:

Let me if you have solution that can be applied in v.1.3.10 or let me have any feature request created for the same

@ARK How do you deploy your cluster?

We do only have single node OS configured and that was manually deployed. We don’t use any container level deployment

@ARK As far as I know you could use only environment variables. There is no encryption available for keystore/truststore passwords.

Maybe in the long term, you should consider k8s deployment and use secrets with etcd encryption to hide the passwords.

1 Like

Thank you @pablo for the input! Sure, I will take a look that solution.