ES SSL Server Config
Posted: Sat Jan 14, 2017 7:50 pm
I am pleased to say we have gotten most of our configuation working thanks to Nagios support here on the forums. For those just reading this, we are implementing a tiered NLS environment where multiple NLS instances will need to send data between each other. See the link here for details:
https://support.nagios.com/forum/viewto ... 37&t=41560
We now have data flowing from lower tiered NLS nodes to parent nodes. However we now need to secure the communication at the protocol level. In the previous post, we were advised to set the client to use the following:
elasticsearch {
cluster => 'cluster_id'
host => 'host_ip'
document_type => '%{type}'
protocol => 'http'
ssl => true
workers => 4
}
That does not work because the server does not have a server certificate. From a NLS perspective, we have looked at the documentation here which instructs us on how to setup a SSL cert for the web page and NLS use:
https://library.nagios.com/library/prod ... igure-ssl/
I am assuming we need to configure ES to use the certificate specifically so any advise would be greatly appreciated. So can anyone advise on how to setup and use a cert / SSL with ES?
Also, as a side note, we have been approved to purchase NLS. However my director is asking how long the next version will be out because he says we really need to have user/group access which appears on the roadmap for the next version. He says he would rather wait a month or so to purchase and deploy then rather than purchase the solution, deploy, and then have to upgrade or re-deploy due to the potential for downtime. So the question here is since the new version of the elk stack will be used is in the next version will there be a direct upgrade path between current product line?
Thanks
https://support.nagios.com/forum/viewto ... 37&t=41560
We now have data flowing from lower tiered NLS nodes to parent nodes. However we now need to secure the communication at the protocol level. In the previous post, we were advised to set the client to use the following:
elasticsearch {
cluster => 'cluster_id'
host => 'host_ip'
document_type => '%{type}'
protocol => 'http'
ssl => true
workers => 4
}
That does not work because the server does not have a server certificate. From a NLS perspective, we have looked at the documentation here which instructs us on how to setup a SSL cert for the web page and NLS use:
https://library.nagios.com/library/prod ... igure-ssl/
I am assuming we need to configure ES to use the certificate specifically so any advise would be greatly appreciated. So can anyone advise on how to setup and use a cert / SSL with ES?
Also, as a side note, we have been approved to purchase NLS. However my director is asking how long the next version will be out because he says we really need to have user/group access which appears on the roadmap for the next version. He says he would rather wait a month or so to purchase and deploy then rather than purchase the solution, deploy, and then have to upgrade or re-deploy due to the potential for downtime. So the question here is since the new version of the elk stack will be used is in the next version will there be a direct upgrade path between current product line?
Thanks