Public issued SSL certs

Does anyone know any good tutorials to follow to set up SSL for ES or kibana using a publically issued cert? I bought a cert from sectigo, but no idea how to get it to work on ODfES as the documentation only describes self signed certs.

i figured it out. if anyone wants me to type up the solution i will do it

Hi, yes if you can post the solution - that would be great.

Also good to know for me

Hi Luistro,

Can you please post your solution.


When you get a public CA issued cert it comes with several fields in one pem:

  1. private key
  2. the actual cert
  3. several CA certs, in my case it was 3

Make 3 copies of this pem, edit them so there is one with a private key in one, another one with the cert and the last one with the CA cert(s).

Set the ownership of the files to kibana:kibana and make sure they also have the correct perms (600 or 644 depending on how you’re running the process).

The rest of the guide is accurate in regards to the confs. The major issue I faced that took some time to figure out is when I would start the process, it would exit immediately and with no logs, the reason being it couldnt read the pem files because i had them at 600, but it wasnt being run as root. So if you cant figure out why it keep crashing run the process manually (cat the service file for exec) and see the output.