OpenSearch integration with IDP

Hello All,

I have a few queries on the OpenID IDP integration with OpenSearch.

We have an IDP configured at the org level, and we will be using the same one for the integration.

I have created a config.yml and added the required parameters to opensearch.yml and opensearch-dashboard.

For example: openidconnectUrl, application ID and secret, etc…

I am using docker-compose to start OpenSearch and opensearch-dashboard with a single node.

I am getting a message saying I may need to run securityadmin.sh first to configure/initialize opensearch-security.

When I run securityadmin.sh, I get the following information.

Will connect to localhost:9200 ... done
Connected as "CN=kirk,OU=client,O=client,L=test,C=de"
OpenSearch Version: 2.2.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: opensearch-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Legacy index '.opendistro_security' (ES 6) detected (or forced). You should migrate the configuration!

When I searched for the error, I found that there is a bug in OpenSearch 2.0. I hope this will fix the issue.

The other question is: if we want to do the IDP integration with OpenSearch in a production environment, do we need to have a root CA certificate from the IDP to validate the authentication?

Kindly provide your valuable opinion.

Thanks.