iSharkFly-Docs/opensearch-docs-cn
1
0
Fork 0
mirror of https://github.com/iSharkFly-Docs/opensearch-docs-cn synced 2025-02-28 01:59:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

add note regarding required use of TLS transport (#804)

Browse Source 
* add note regarding required use of TLS transport

"basic usage" doesn't mention that the securityadmin.sh command will fail outright if "plugins.security.ssl.http.enabled" is set to "false"

Signed-off-by: David Vassallo <davevassallo@gmail.com>

* Update _security-plugin/configuration/security-admin.md

Signed-off-by: David Vassallo <davevassallo@gmail.com>

Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>

Signed-off-by: David Vassallo <davevassallo@gmail.com>
Co-authored-by: Naarcha-AWS <97990722+Naarcha-AWS@users.noreply.github.com>
This commit is contained in:
David Vassallo 2022-09-01 19:19:15 +03:00 committed by GitHub
parent aa5823d61c
commit 0b624cbaf2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
_security-plugin/configuration/security-admin.md
View File

@ -80,6 +80,10 @@ You can't use node certificates as admin certificates. The two must be separate.
The `securityadmin.sh` tool can be run from any machine that has access to the http port of your OpenSearch cluster (the default port is 9200). You can change the security plugin configuration without having to access your nodes through SSH.
`securityadmin.sh` requires that SSL/TLS transport is enabled on your opensearch cluster. In other words, make sure that the `plugins.security.ssl.http.enabled: true` is set in `opensearch.yml` before proceeding.
{: .note}
`plugins.security.ssl.http.enabled: true`
Each node also includes the tool at `plugins/opensearch-security/tools/securityadmin.sh`. You might need to make the script executable before running it:
```bash