If I have three elasticsearch servers and three graylog 4 servers an example. For the graylog servers to talk to elasticsearch over https the basic steps are setup elastic https, point the server.conf file to https for node names and import the chain into java for graylog. Does that sound right? For also doing auth do I do xpack (we own enterprise) and then interactive setup then connect using the elastic user?
I am just about to setup https and tls. The initial steps sound right:
https://docs.graylog.org/en/4.0/pages/configuration/https.html
There is this note:
You have multiple options to ensure that your connection is secure and safe. The first would be to create a self-signed certificate, add that to the previously copied java keystore and use this keystore with your Graylog java options. Since you will need to do this for every certificate and every trust store, this quickly becomes unmanageable in a clustered architecture. Each node needs to trust all certificates from all other nodes.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.