Skip to content

ao1024/search-guard-ssl

Repository files navigation

Search Guard SSL for ES 2.1

Elasticsearch SSL for free.

Search Guard SSL is a free and open source plugin for Elasticsearch which provides SSL for Elasticsearch. It does not provide authentication and authorization. For that pls refer to Search Guard.

Logo

Build Status Coverage Status

##Support

##Features

  • Node-to-node encryption through SSL/TLS (Transport layer)
  • Secure REST layer through HTTPS (SSL/TLS)
  • Supports JDK SSL and Open SSL
  • Only external dependency is Netty 4 (and Tomcat Native if Open SSL is used)
  • Works with Kibana 4, logstash and beats

##Pre-Installation ###Check Release Integrity

You must verify the integrity of the downloaded file. We provide PGP signatures for every release file. This signature should be matched against the KEYS file. We also provide MD5 and SHA-1 checksums for every release file. After you download the file, you should calculate a checksum for your download, and make sure it is the same as ours. Here and here are some tips how to verify the pgp signatures.

##Installation Install it like any other Elasticsearch plugin

sudo bin/plugin install com.floragunn/search-guard-ssl/2.1.0.2

Prerequisites:

  • Java 7 or 8 (recommended)
  • Elasticsearch 2.1.0
  • Optional: Tomcat Native and Open SSL, see wiki

Build it yourself:

  • Install maven 3.1+
  • git clone https://github.com/floragunncom/search-guard-ssl.git
  • cd search-guard-ssl
  • execute mvn package -DskipTests

##Configuration

Search Guard SSL configuration is done in elasticsearch.yml. Please refer to searchguard-ssl-config-template.yml to see the configuration options and their defaults.

Note:

  • security.manager.enabled - Must currently be set to false. This will likely change with Elasticsearch 2.2, see PR 14108

Check your configuration by visiting https://localhost:9200/_searchguard/sslinfo?pretty if you have enabled HTTPS or http://localhost:9200/_searchguard/sslinfo?pretty if HTTPS is not enabled.

For details refer to the wiki.

###Logging Configured in elasticsearch's logging.yml. Nothing special. To enable debug just add

logger.com.floragunn.searchguard.ssl: DEBUG

###SSL Certificates

###Update and Upgrade TBD

###License Copyright 2015 floragunn UG (haftungsbeschränkt)

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

About

Elasticsearch SSL for free. Does also support native Open SSL

Resources

License

Stars

Watchers

Forks

Packages

No packages published