1、在任意一台es成员执行以下命令
bin/elasticsearch-certutil cert -out config/elastic-certificates.p12 -pass ""
2、将/etc/elasticsearch/下生成的证书修改权限
chmod 644 elastic-certificates.p12
chown elastic elastic-certificates.p12
chgrp elastic elastic-certificates.p12
3、scp到其他节点
scp -r certs/ root@IP:22:/opt/modules/elasticsearch-7.14.0/config/
chmod 644 elastic-certificates.p12
chown elastic elastic-certificates.p12
chgrp elastic elastic-certificates.p12
4、在每台节点的elasticsearch配置文件中开启x-pack验证并重启
xpack.security.enabled: true
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: elastic-certificates.p12
xpack.security.transport.ssl.truststore.path: elastic-certificates.p12
http.cors.allow-headers: Authorization,X-Requested-With,Content-Length,Content-Type
5、在主节点es机器执行设置用户名和密码的命令
bin目录下执行: ./elasticsearch-setup-passwords interactive,依次设置以下用户密码:
elastic elastic#@2024
apm_system elastic#@2024
kibana_system elastic#@2024
logstash_system elastic#@2024
beats_system elastic#@2024
remote_monitoring_user elastic#@2024
6、在kibana中修改配置文件,添加es的账密,并且重启
elasticsearch.username: "elastic"
elasticsearch.password: "elastic#@2024"