We have ES with Opendistro security plugin:
Node to Node encryption: https://opendistro.github.io/for-elasticsearch-docs/docs/security-configuration/
How do we verify the node to node encryption is happening?
We sent an indexing request to Leader IP, and in the replica IP we saw tcpdump (as internode communication is TCP), but there was no luck.
Could someone help us verify node to node encryption?
@somebody8123 the simplest way would be to try and configure one node with certs on the transport layer and one without; when trying to connect, you will see errors as it fails to connect.
If you have access to tools like nmap you could run the below command to print out the list of supported encryption on the endpoint:
nmap --script ssl-enum-ciphers -p <port> <IP_address> (need to find out which port it's running on, as it could be in the 9300+ range)
Regarding your test, you could also try and sniff the packets between the 2 encrypted nodes and see that they are not readable due to encryption. Hope this helps.
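One way to make the packet-sniffing check above concrete, as an added example that is not part of the original thread: classify the first bytes of TCP payloads captured on the transport port. It assumes the payloads have already been extracted from a capture as byte strings; the function names and sample payloads are constructed for illustration.

```python
import struct
from collections import Counter

# TLS record content types (first byte of every TLS record).
TLS_TYPES = {20: "change_cipher_spec", 21: "alert",
             22: "handshake", 23: "application_data"}

def classify_payload(data: bytes) -> str:
    """Classify a TCP payload seen on the Elasticsearch transport port."""
    if len(data) < 5:
        return "too-short"
    # Unencrypted Elasticsearch transport frames begin with the marker
    # bytes 'E','S'. 'E' (0x45) is not a TLS content type, so the two
    # cases cannot be confused.
    if data[:2] == b"ES":
        return "plaintext-es-transport"
    ctype, major, minor, rec_len = struct.unpack(">BBBH", data[:5])
    # TLS record header: type, version 3.x, length <= 2^14 + 2048.
    if ctype in TLS_TYPES and major == 3 and minor <= 4 and 0 < rec_len <= 18432:
        return "tls-" + TLS_TYPES[ctype]
    # A segment that starts in the middle of a TLS record lands here.
    return "unknown"

def verdict(payloads):
    """Summarise a list of payloads from one node-to-node connection."""
    counts = Counter(classify_payload(p) for p in payloads)
    if counts["plaintext-es-transport"]:
        result = "PLAINTEXT transport traffic seen"
    elif counts["tls-handshake"] or counts["tls-application_data"]:
        result = "TLS records only"
    else:
        result = "inconclusive"
    return result, dict(counts)

# Constructed sample payloads (not taken from a real capture).
SAMPLE_TLS = [
    bytes.fromhex("160301020001000001fc0303") + b"\x00" * 20,  # ClientHello
    bytes.fromhex("1703030045") + bytes(range(69)),            # app data
]
SAMPLE_PLAIN = [b"ES" + struct.pack(">i", 38) + b"\x00" * 38]

if __name__ == "__main__":
    print(verdict(SAMPLE_TLS))
    print(verdict(SAMPLE_TLS + SAMPLE_PLAIN))
```

A capture that begins after the connection was established will show only application-data records; restarting one node while capturing also records the handshake.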