How to communicate with ODfE with certificates

Hi all,
I’m pretty new to ODfE,

Currently, I was able to spinup odfe cluster and im sending data from few beats to it using user credentials (i;e admin/admin)
Note: Im running the cluster on my local virtual environment…
So far i was able to send data to the cluster from

  1. Winlogbeats
  2. Metricbeats
  3. Logstash
  4. Filbeats via logstash

As per a security requirement I don’t want to store user credentials on my host machines as plain text.
i was trying to find a proper doc to configure this communication using certificates.

What I want to do: (Bottom line)

  1. I want to send data to opendistro.Elasticsearch from beats and Logstash using certificates (No user credentials stred anywhere).
  2. However, i still need to have Kibana to be accessed with Credentials

I was able to generate new certificates using this article.

If someone can shed some light on how I can achieve this, I would really appreciate it

@thanurak Did you manage to get this resolved?

There is a section in config.yml clientcert_auth_domain which needs to be enabled to authenticate with certs.

The certs then need to be provided in logstash.yml file. Below is example from filebeats.yml

  hosts: ["https://localhost:9200"]
  ssl.certificate_authorities: ["/path/to/root-ca.pem"]
  ssl.certificate: "/path/to/cert.pem"
  ssl.key: "/path/to/cert.key"