Setting up Elasticsearch
By default, Cloud Security Plus uses self-signed certificates for Elasticsearch security (authentication and encryption). If you want to use your own certificates for ES security, follow the below steps:
- First, make sure you have a client certificate, a node certificate, and a root certificate. Also ensure that all three are in PEM format.
- Rename the certificates and their corresponding keys as follows:
- Client certificate to client.pem and its key to client.key
- Node certificate to localnode.pem and its key to localnode.key
- Root certificate to root_ca.pem and its key to root_ca.key
- Now, go to /ES/config and open the dae.properties file.
- Change the value of the parameter use_custom_certificates to true.
- In /ES/config , check if the following files exist. If they do exist, delete them.
- Then, copy your certificates to <CloudSecurityPlus_Home>/ES/config .
- Now, go to <CloudSecurityPlus_Home>/ES/bin and run the verifyCertificates.bat file.
- If you receive a message saying 'Certificate Validation Done', start the server. If you do not get the message, contact support at firstname.lastname@example.org.