i went through the documentation but i couldnt really get it working. What i want is a simple user and password to OpenSearch. At the moment, everybody could connect to my OpenSearch without user and password. This of course needs to be disabled. My OpenSearch runs in a Docker container. What i got so far is to map internal_users.yml with my own settings (that being my user and the hashed password). What else do i need to do? If i do “DISABLE_SECURITY_PLUGIN=false” to my docker-compose.yml, i get an error when starting the container
OpenSearchException[plugins.security.ssl.transport.keystore_filepath or plugins.security.ssl.transport.server.pemcert_filepath and plugins.security.ssl.transport.client.pemcert_filepath must be set if transport ssl is requested
I dont want SSL anyways and I am not sure if DISABLE_SECURITY_PLUGIN=false is even what i need here. Please steer me into the right direction
If you enable security then I am not positive if opensearch will work without ssl. In my case i had to turn on ssl by generating a staging or production certificate using lets encrypt. There are other certificates required as well specifically admin certificate in order to perform securityadmin.sh execution.
If you want basic authentication then you will need security and possibly ssl too.
More specifically in order to have your custom user with access roles assigned for it to login you need security plugin enabled. There are demo internal users pre-configured in security plugin already which you can use once you enabled security.
