Using security plugin without SSL for authentication only

Hi,

Is it possbile to use security plugin without SSL for authentication from some simple (internal?) user database only?

Hi,

You can open HTTP to Kibana URL and authenticate.

ES won’t let you to authenticate with HTTP as security plugin requires SSL certificates.

Why do you want to disable SSL?

See https://github.com/opendistro-for-elasticsearch/security/issues/37

As for me, no need for SSL between Elasticsearch and Kibana in all cases, using security plugin for authentication only is good case too

Transport communication between the nodes has to work with SSL certs as per blog (ports 9300 - 9400). Found that you can disable SSL on ES HTTP (opendistro_security.ssl.http.enabled: false).

I’m not about Elasticsearch nodes, I’m about communication between Elasticsearch and Kibana

I want to continue this discussion. When using the Opensearch Security plugin I need to turn off all SSL and use the Istio Service Mesh MTLS instead. We use Tenants, Roles, Role Mapping but the Service Mesh takes care of and automates the daily certificate rotation.