Securing Communication with Internal Data Store
When you install Internal Data Store it comes with a pre-configured SSL certificate, and default keystore and trustore files. The keystore and truststore function as repositories for the storage of keys and certificates necessary for SSL authentication, encryption/decryption, and digital signing/verification services. You can find the default truststore and keystore files in the following locations:
Software AG_directory /EventDataStore/plugins/search-guard-2/sgconfig/demouser-keystore.jks
Software AG_directory /EventDataStore/plugins/search-guard-2/sgconfig/truststore.jks
Internal Data Store is enabled for SSL through the Elasticsearch Search Guard plugin. You do not need to interact with the Search Guard plugin configuration to use SSL with Internal Data Store. However, if you want to customize your Search Guard configuration, you can use the sgadmin command line tool.
To modify the Search Guard configuration of an SSL-enabled Internal Data Store, you must authenticate the sgadmin tool with a .jks-based keystore and truststore. Run one of the following scripts to access the sgadmin tool:
For Linux -
Software AG_directory /EventDataStore/repo/search-guard-2/tools/sgadmin.sh.
For Windows -
Software AG_directory \EventDataStore\repo\search-guard-2\tools\sgadmin.bat.
For more information about modifying your Search Guard configuration, see the Search Guard documentation.
If you use Internal Data Store in a production environment, you must replace the Internal Data Store default certificates, keystore and truststore files with custom files. For more information about creating keystores and truststores, importing keys and certificates into keystores and truststores, and other operations with these files, see the documentation for your certificate management tool.