pablo
April 5, 2023, 12:27pm
8
@dnyamy Try using opensearch.ssl.certificate and opensearch.ssl.key. These are not documented. However, it was already reported to the dev team.
opened 04:17PM - 09 Feb 23 UTC
dashboards
1 - Backlog
security
**What do you want to do?**
- [X] Request a change to existing documentation…
- [ ] Add new documentation
- [ ] Report a technical problem with the documentation
- [ ] Other
**Tell us about your request.** Provide a summary of the request and all versions that are affected.
I am using version 2.5.0 of both OpenSearch and OpenSearch Dashboards.
I have recently tried configuring OpenSearch Dashboards to connect to an OpenSearch instance that we have secured with TLS encryption on all ports.
I was referring to this documentation: https://opensearch.org/docs/latest/install-and-configure/install-dashboards/tls/
This topic provides insufficient information on the settings available within OpenSearch Dashboards. I was trying to specify the client cert and key via `server.ssl.certificate` and `server.ssl.key` since those are the settings given in the table. This led to a frustrating time watching the connection continually fail with `Socket hang up` errors.
It was only after I started picking through the entrypoint script for the OpenSearch Dashboards container that I found the settings I actually needed, which are `opensearch.ssl.certificate` and `opensearch.ssl.key`. I also discovered there are many more settings that simply are not documented.
Ideally a more comprehensive set of reference documentation that covers all the settings available and how to use them would exist (maybe I just can't find it!).
Let me know if there's any further information I can provide to help clarify this issue.
**What other resources are available?** Provide links to related issues, POCs, steps for testing, etc.
N/A
Just be aware, that root CA of the OpenSearch Dashboards client certificate must be known to the OpenSearch node. Ideally, if the OpenSearch node and OpenSearch Dashboards certs were created with the same RootCA.
1 Like