I have a few queries on the OpenID IDP integration with OpenSearch.
We have IDP configured at org level and we will be using the same thing for integration.
I have created a config.yml and added the required parameters to opensearch.yml and opensearch-dashboard,
for example: openidconnectUrl, application ID, secret, etc.
I am using docker-compose to start OpenSearch and opensearch-dashboard with a single node.
I am getting a message that you may run securityadmin.sh first to configure/initialize opensearch-security.
When I run securityadmin.sh, I get the following information.
Will connect to localhost:9200 ... done
Connected as "CN=kirk,OU=client,O=client,L=test,C=de"
OpenSearch Version: 2.2.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: opensearch-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Legacy index '.opendistro_security' (ES 6) detected (or forced). You should migrate the configuration!
When I searched for the error, I found that there is a bug in OpenSearch 2.0. I hope this will fix the issue.
Another question: if we want to do the IDP integration with OpenSearch in a production environment, do we need to have a root CA certificate from the IDP to validate the authentication?
Kindly provide your valuable opinion.