Private certificate


I have the certificate authority of my organization that i need to install in my cluster but i didn’t find any solution or documentation to how generate the node or root certification
Is there any documentation or step to do ?

need help

Best regard

Hi @ImadB

Have you seen this documentation?

As per docs, you’ll need to follow the below steps to get SSL certificates signed by your CA.

  1. Generate certificates for ES nodes, Kibana server (if you wish to access Kibana with HTTPS) and admin security user.
    All ES nodes and Kibana certificates must have CN corresponding with their FQDN. Alternatively, you can add the host short name and IP address in the certificate’s SAN.
  2. Generate CSR for each of SSL certs(Certificate Signing Request)
  3. Sign CSRs with CA (This should be done by CA if external or your CA admin if CA is internal)
  4. Place signed certificates and root-CA certificate in /usr/share/elasticsearch/config folder of ES and /usr/share/kibana folder of Kibana (if HTTPS will be used)
  5. Point ES and Kibana to signed SSL certificates in elasticsearch.yml and kibana.yml config files.