opensearch-docs-cn/_security-plugin/configuration/index.md

---
layout: default
title: Configuration
nav_order: 5
has_children: true
has_toc: false
redirect_from:
  - /security-plugin/configuration/
---

# Security configuration

The plugin includes demo certificates so that you can get up and running quickly, but before using OpenSearch in a production environment, you must configure it manually:

1. [Replace the demo certificates]({{site.url}}{{site.baseurl}}/opensearch/install/docker-security).
1. [Reconfigure opensearch.yml to use your certificates]({{site.url}}{{site.baseurl}}/security-plugin/configuration/tls).
1. [Reconfigure config.yml to use your authentication backend]({{site.url}}{{site.baseurl}}/security-plugin/configuration/configuration/) (if you don't plan to use the internal user database).
1. [Modify the configuration YAML files]({{site.url}}{{site.baseurl}}/security-plugin/configuration/yaml).
1. If you plan to use the internal user database, [set a password policy in opensearch.yml]({{site.url}}{{site.baseurl}}/security-plugin/configuration/yaml/#opensearchyml).
1. [Apply changes using securityadmin.sh]({{site.url}}{{site.baseurl}}/security-plugin/configuration/security-admin).
1. Start OpenSearch.
1. [Add users, roles, role mappings, and tenants]({{site.url}}{{site.baseurl}}/security-plugin/access-control/index/).

If you don't want to use the plugin, see [Disable security]({{site.url}}{{site.baseurl}}/security-plugin/configuration/disable).
Breaks site 2021-05-28 13:48:19 -04:00			`---`
			`layout: default`
			`title: Configuration`
Update index.md 2021-06-10 15:14:42 -04:00			`nav_order: 5`
Breaks site 2021-05-28 13:48:19 -04:00			`has_children: true`
			`has_toc: false`
Perhaps I can redirect myself out of this long nightmare 2021-06-10 18:09:17 -04:00			`redirect_from:`
			`- /security-plugin/configuration/`
Breaks site 2021-05-28 13:48:19 -04:00			`---`

			`# Security configuration`

			`The plugin includes demo certificates so that you can get up and running quickly, but before using OpenSearch in a production environment, you must configure it manually:`

Add SSL configuration for Dashboards 2021-07-09 18:33:35 -04:00			`1. [Replace the demo certificates]({{site.url}}{{site.baseurl}}/opensearch/install/docker-security).`
			`1. [Reconfigure opensearch.yml to use your certificates]({{site.url}}{{site.baseurl}}/security-plugin/configuration/tls).`
			`1. [Reconfigure config.yml to use your authentication backend]({{site.url}}{{site.baseurl}}/security-plugin/configuration/configuration/) (if you don't plan to use the internal user database).`
			`1. [Modify the configuration YAML files]({{site.url}}{{site.baseurl}}/security-plugin/configuration/yaml).`
Add link recommending password policy 2021-07-11 21:10:36 -04:00			`1. If you plan to use the internal user database, [set a password policy in opensearch.yml]({{site.url}}{{site.baseurl}}/security-plugin/configuration/yaml/#opensearchyml).`
Add SSL configuration for Dashboards 2021-07-09 18:33:35 -04:00			`1. [Apply changes using securityadmin.sh]({{site.url}}{{site.baseurl}}/security-plugin/configuration/security-admin).`
Breaks site 2021-05-28 13:48:19 -04:00			`1. Start OpenSearch.`
Add SSL configuration for Dashboards 2021-07-09 18:33:35 -04:00			`1. [Add users, roles, role mappings, and tenants]({{site.url}}{{site.baseurl}}/security-plugin/access-control/index/).`
Breaks site 2021-05-28 13:48:19 -04:00
Perhaps I can redirect myself out of this long nightmare 2021-06-10 18:09:17 -04:00			`If you don't want to use the plugin, see [Disable security]({{site.url}}{{site.baseurl}}/security-plugin/configuration/disable).`