elk安装ssl认证

1-1.配置/etc/hosts文件(单机)
如果是集群第二台不需要kibana.local和logstash.local

1-2.在node1上创建SSL证书

1-3.创建实例yaml(单机)
如果是集群要多添加node

1-4.生成CA和服务器证书
./elasticsearch-certutil cert ca —pem —in /tmp/cert_blog/instance.yml —out /tmp/cert_blog/certs.zip
1-5.将 cert 文件复制到 config 文件夹
进入elasticsearch的config目录
mkdir certs
cp /tmp/cert_blog/certs/ca/ca.crt /tmp/cert_blog/certs/node1/* cert
配置elasticsearch.yml

启动elasticsearch
2-1.node1上为kibana加认证
将1-4生成的证书拷贝到kibana/config/certs中
2-2.配置kibana.yml

3-1.在node1为logstash启用
创建文件夹并复制证书,将ca和.crt,.key文件复制到logstash/config/certs目录下:利用openssl将.key转化为TLSPKCS#8 格式
openssl pkcs8 -in config/certs/logstash.key -topk8 -nocrypt -out config/certs/logstash.pkcs8.key

3-2.配置logstash.yml

3-3.创建syslog.conf文件

3-3.创建syslog.conf文件


4-1.效果

4-2.索引正常

4-3.es日志正常

5-1.参考链接
https://www.elastic.co/cn/blog/configuring-ssl-tls-and-https-to-secure-elasticsearch-kibana-beats-and-logstash