...
For more information on system configuration, see Configuring System Settings.
Enable TLS 1.2 and 1.3 versions for Elasticsearch
You to add the following two lines in the elasticsearch.yml file:
Code Block |
---|
xpack.security.http.ssl.supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl.supported_protocols: TLSv1.2, TLSv1.3 |
The following is the sample .yml file:
Code Block |
---|
cluster.name: zephyr
node.name: "ESNode1"
network.host: 127.0.0.1
http.port: 9200
bootstrap.memory_lock: true
xpack.security.enabled: true
discovery.seed_hosts: ["127.0.0.1"]
cluster.initial_master_nodes: ["ESNode1"]
indices.query.bool.max_clause_count: 9024
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: <path to your elasticsearch installation directory>/config/certs/elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: <path to your elasticsearch installation directory>/config/certs/elastic-certificates.p12
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path:<path to your elasticsearch installation directory>/config/certs/elastic-http1.p12
xpack.security.http.ssl.supported_protocols: TLSv1.3, TLSv1.2
xpack.security.transport.ssl.supported_protocols: TLSv1.2, TLSv1.3 |
Enable Elasticsearch Authentication
...