Related

Manage Keystore

elasticsearch

Create Elasticsearch keystore

Setup Built-in User Passwords

elasticsearch

Set passwords for built-in users

Check Cluster Health

elasticsearch

Get overall Elasticsearch cluster health

elasticsearch/es-cli-certutil

Generate Certificates

Generate certificates for security

elasticsearch
security
cert

Command

elasticsearch-certutil cert --ca elastic-stack-ca.p12

Explanation

Used for generating certificates for SSL/TLS encrypted transport and HTTP layers.

Common Use Cases

  • Securing Elasticsearch cluster communication
  • Setting up HTTPS for clients
  • Enabling x-pack security

Best Practices

  • Use certificate authority (CA) for all cluster nodes
  • Rotate certificates periodically

Common Mistakes to Avoid

  • Not setting correct certificate paths in elasticsearch.yml
  • Forgetting to restart nodes after updating certificates

Troubleshooting

Problem: SSL errors on node startup

Solution: Verify certificate chain and file permissions.

Problem: Clients cannot connect

Solution: Ensure SAN fields include correct hostname/IP.

Examples

Generate HTTP SSL certificates

elasticsearch-certutil http

More

Cluster Stats

elasticsearch

View cluster-wide statistics

Node Stats

elasticsearch

Get stats for all nodes

List Indices

elasticsearch

List all indices with details