一、概述

Elasticsearch 是一个开源的分布式搜索引擎，用于存储和检索大量数据。由于 Elasticsearch 存储的数据可能包含敏感信息，因此需要对 Elasticsearch 进行安全配置，以保护数据的安全性。

设置密码是 Elasticsearch 安全配置的一部分。通过设置密码，可以限制对 Elasticsearch 的访问，只允许授权的用户访问 Elasticsearch。这可以有效地防止未经授权的用户访问 Elasticsearch 数据，并保护 Elasticsearch 中存储的敏感信息。

版本

Elasticsearch-7.8.1

二、流程

#切换安装目录
cd /opt/moudle/elasticsearch-7.8.1

#生成证书
./bin/elasticsearch-certutil ca
./bin/elasticsearch-certutil cert --ca elastic-stack-ca.p12

#创建证书文件存放问价夹
mkdir /opt/moudle/elasticsearch-7.8.1/config/certs
#移动证书
mv elastic-certificates.p12  config/certs/
mv elastic-stack-ca.p12 config/certs/

#修改配置文件，添加如下
vim config/elasticsearch.yml
# -- -- 
#开启安全认证
xpack.security.enabled: true
#tcp 启用TLS
xpack.security.transport.ssl.enabled: true
xpack.security.transport.ssl.verification_mode: certificate
xpack.security.transport.ssl.keystore.path: certs/elastic-certificates.p12
# -- -- 

##重启Elastisearch

#重启后初始化密码
./bin/elasticsearch-setup-passwords interactive
# 以下是提示，一次输入密码
Initiating the setup of passwords for reserved users elastic,apm_system,kibana,kibana_system,logstash_system,beats_system,remote_monitoring_user.
You will be prompted to enter passwords as the process progresses.
Please confirm that you would like to continue [y/N]y

Enter password for [elastic]:
Reenter password for [elastic]:
Enter password for [apm_system]:
Reenter password for [apm_system]:
Enter password for [kibana_system]:
Reenter password for [kibana_system]:
Enter password for [logstash_system]:
Reenter password for [logstash_system]:
Enter password for [beats_system]:
Reenter password for [beats_system]:
Enter password for [remote_monitoring_user]:
Reenter password for [remote_monitoring_user]:
Changed password for user [apm_system]
Changed password for user [kibana_system]
Changed password for user [kibana]
Changed password for user [logstash_system]
Changed password for user [beats_system]
Changed password for user [remote_monitoring_user]
Changed password for user [elastic

#本地测试
curl http://127.0.0.1:9200/_cat/indices -u elastic:elastic