I installed OpenSearch on Ubuntu 22. Use MS CA signed wildcard certificate to build cluster ronc-oss. Cluster should have 3 nodes. Im not sure about wildcard. Here is security config from opensearch.yml. Can somebody get a little help )
plugins.security.ssl.transport.pemcert_filepath: esnode.pem
plugins.security.ssl.transport.pemkey_filepath: esnode-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.http.enabled: true
plugins.security.ssl.http.pemcert_filepath: esnode.pem
plugins.security.ssl.http.pemkey_filepath: esnode-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: root-ca.pem
#plugins.security.allow_unsafe_democertificates: true
plugins.security.allow_default_init_securityindex: true
plugins.security.authcz.admin_dn:
- "CN=admin.ronc.ru,OU=IT,O=RONC.RU,L=Moscow,ST=Moscow,C=RU"
plugins.security.nodes_dn:
- "CN=*.ronc.ru,OU=IT,O=RONC.RU,L=Moscow,ST=Moscow,C=RU"
- "CN=*.ronc.ru,OU=IT,O=RONC.RU,L=Moscow,ST=Moscow,C=RU"
- "CN=*.ronc.ru,OU=IT,O=RONC.RU,L=Moscow,ST=Moscow,C=RU"
plugins.security.audit.type: internal_opensearch
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".plugins-ml-config", ".plugins-ml-connector", ".plugins-ml-model-group", ".plugins-ml-model", ".plugins-ml-task", ".plugins-ml-conversation-meta", ".plugins-ml-conversation-interactions", ".opendistro-alerting-config", ".opendist>
node.max_local_storage_nodes: 3
plugins.security.ssl.http.enabled_protocols:
- "TLSv1.2"
- "TLSv1.3"