在弹性搜索中生成密钥库并在readonlyrest插件中添加身份验证？ [英] In Elasticsearch where to generate keystore and add authentication in readonlyrest plugin?

问题描述

我正在使用 readonlyrest 插件在弹性搜索集群中添加密码验证。我正在安装插件，现在我正在尝试配置我的配置文件（.yml文件），但是如果0他们正在使用密钥库，请参见下文

I am trying to add password authentication in my elasticsearch cluster using readonlyrest plugin. I installed the plugin successfully now i am trying to configure my configuration file(.yml file) but there In case 0 they are using a keystore see below

http.type: ssl_netty4
readonlyrest:
enable: true

ssl:
  enable: true
  keystore_file: "/elasticsearch/plugins/readonlyrest/keystore.jks"
  keystore_pass: readonlyrest
  key_pass: readonlyrest

任何人都可以从我可以从哪里我可以生成此密钥库，还可以在此插件中设置的用户名和密码验证参数在哪里。

Can anyone please tell me from where i can generate this keystore and also where is the username and password authentication parameters set in this plugin.

推荐答案

您可以使用 Letsencrypt 可以免费生成有效的SSL证书。

You can use Letsencrypt to generate a valid SSL certificate for free.

使用Letsencrypt自己的工具，名为 certbot

Use Letsencrypt's own tool called certbot

Letsencrypt证书只能工作f在ReadonlyREST中，但首先你必须将其转换为JKS密钥库。

A Letsencrypt certificate works just fine in ReadonlyREST, but first you have to convert it into a JKS keystore.

从Letsencrypt证书获取JKS密钥库是一个常见的过程：如果您想使用Letsencrypt与Tomcat。一个很常见的googleable用例。

Obtaining a JKS keystore from Letsencrypt certs is a common procedure: you would do the same if you want to use Letsencrypt with Tomcat. A very common, googleable use case.

PS：我将在以下几周内逐步发布一些详细的文档，在官方网站。

PS: I will progressively release some detailed documentation in the following weeks on the official website.

这篇关于在弹性搜索中生成密钥库并在readonlyrest插件中添加身份验证？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！