原英文版地址: https://www.elastic.co/guide/en/elasticsearch/reference/7.7/encrypting-communications.html, 原文档版权归 www.elastic.co 所有
本地英文版地址: ../en/encrypting-communications.html
重要: 此版本不会发布额外的bug修复或文档更新。最新信息请参考 当前版本文档
Elasticsearch Guide [7.7] » Secure a cluster » Encrypting communications
« Auditing search queries Setting up TLS on a cluster »

Encrypting communicationsedit

Elasticsearch nodes store data that may be confidential. Attacks on the data may come from the network. These attacks could include sniffing of the data, manipulation of the data, and attempts to gain access to the server and thus the files storing the data. Securing your nodes helps reduce the risk from network-based attacks.

This section shows how to:

  • Encrypt traffic to, from and within an Elasticsearch cluster using SSL/TLS,
  • Require nodes to authenticate as they join the cluster using SSL certificates, and
  • Make it more difficult for remote attackers to issue any commands to Elasticsearch.

The authentication of new nodes helps prevent a rogue node from joining the cluster and receiving data through replication.

« Auditing search queries Setting up TLS on a cluster »