From version 5.0 onward, Shield is part of X-Pack. For more information, see
Securing the Elastic Stack.
Install the newly signed certificate
editInstall the newly signed certificate
editReplace the existing unsigned certificate by importing the new signed certificate from your CA into the node keystore:
This name of the signed certificate file that you received from the CA. |
|
The |
keytool confuses some PEM-encoded certificates with extra text headers as DER-encoded certificates, giving
this error: java.security.cert.CertificateParsingException: invalid DER-encoded certificate data
. The text information
can be deleted from the certificate. The following openssl command will remove the text headers:
openssl x509 -in node01-signed.crt -out node01-signed-noheaders.crt