Lab
A Cloud Guru

Encrypt the Elasticsearch Client Network

No matter what technology we are working with, we always need to be mindful of security. Big data platforms are certainly no exception, as they can contain massive amounts of sensitive data that must be protected. Elasticsearch has made securing your cluster very easy with native security configurations and tools to ensure that your data is only accessible to authorized users. In this hands-on lab, you will have the opportunity to encrypt the client network of an Elasticsearch cluster in order to protect the integrity and privacy of API requests between a client and an Elasticsearch node.

Try for free Contact sales

Path Info

Level

Intermediate

Duration

1h 30m

Published

Jul 17, 2020

Challenge

Configure client network encryption.
Using the Secure Shell (SSH), log in to each node as cloud_user via the public IP address.

Become the root user with:
```
sudo su -
```
Add the following to /etc/elasticsearch/elasticsearch.yml on each node:
```
xpack.security.http.ssl.enabled: true
xpack.security.http.ssl.keystore.path: certificate.p12
xpack.security.http.ssl.truststore.path: certificate.p12
```
Challenge

Restart Elasticsearch.
Restart Elasticsearch with:
```
systemctl restart elasticsearch
```

Author

A Cloud Guru

The Cloud Content team comprises subject matter experts hyper focused on services offered by the leading cloud vendors (AWS, GCP, and Azure), as well as cloud-related technologies such as Linux and DevOps. The team is thrilled to share their knowledge to help you build modern tech solutions from the ground up, secure and optimize your environments, and so much more!

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.