Hide LDAP credentials in config file

Mantas · February 21, 2024, 10:36am

** On behalf of a user of Slack **

“Is there a way to use the keystore to store the ldap bind_dn passwords that you have to normally store unencrypted in the config.xml file? Elasticsearch has documentation it can do this but it’s using a different plugin for security.”

Mantas · February 21, 2024, 10:38am

Hi geg6439,

You could try using env variables, see here for more details:
Using environmental variables in Open Distro security plugin configuration - #2 by clsa

Best,
mj

greg6439 · February 22, 2024, 2:18am

This worked great
I am using docker so i set env variable BIND_PASSWORD
I then referenced this in config.yml with
password: ${env.BIND_PASSWORD}

Topic		Replies	Views
How i can hide password values in security backend Security configure , security-issue	1	327	February 15, 2024
LDAP password keystore Open Source Elasticsearch and Kibana	4	1169	December 29, 2021
LDAP configuration and password hash Security	2	731	June 9, 2021
Using environmental variables in Open Distro security plugin configuration Security	5	2514	June 25, 2024
Elasticsearch-keystore for opendistro config.yml Security	2	2742	May 5, 2021

Hide LDAP credentials in config file

Related topics