Nearly solved, i found an old post relative to demo certificates:
Demo certificates found? - Security - OpenSearch
remove totally from /etc/opensearch folder demo certificates + add this line in opensearch.yml :
plugins.security.allow_default_init_securityindex: true
then add an override.conf file for blocking creation or usage of demo certs:
/etc/systemd/system/opensearch.service.d/override.conf
[Service]
Environment=“DISABLE_INSTALL_DEMO_CONFIG=true”
service now starts perfectly, http is disable and https access require a user/password.
I tried admin/admin but no access is granted.
Searching in progress 