Elasticsearch安全认证
小于 1 分钟ElasticsearchElasticsearch
在配置文件添加配置,配置文件路径
/usr/share/elasticsearch/config/elasticsearch.yml
xpack.security.enabled: true xpack.license.self_generated.type: basic xpack.security.transport.ssl.enabled: true xpack.security.transport.ssl.verification_mode: certificate xpack.security.transport.ssl.keystore.path: elastic-certificates.p12 xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
生成证书
# cd到elasticsearch目录下的bin目录执行 ./elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""
并将证书放到
/usr/share/elasticsearch/config/elastic-certificates.p12
初始化,设置密码
docker exec -it cmp-elasticsearch bash cd bin ./elasticsearch-setup-passwords interactive
或者
以docker为例:
docker exec -it cmp-elasticsearch /usr/share/elasticsearch/bin/elasticsearch-users useradd admin -p admin123 -r superuser; curl -u admin:admin123 -XPUT "http://localhost:9200/_xpack/security/user/elastic/_password?pretty" -H 'Content-Type: application/json' -d '{"password":"passwprd"}'; docker exec -it cmp-elasticsearch /usr/share/elasticsearch/bin/elasticsearch-users userdel admin;