0
0
Elasticsearchquery~5 mins

Encryption in transit and at rest in Elasticsearch

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Introduction
Encryption keeps your data safe by turning it into secret code. Encryption in transit protects data while it moves between computers. Encryption at rest protects data stored on disks.
When sending sensitive data between your app and Elasticsearch to stop others from reading it.
When storing private information in Elasticsearch so no one can read it if they get the files.
When you want to follow security rules that require protecting data during transfer and storage.
When using Elasticsearch in a public or shared network where data could be intercepted.
When you want to build trust with users by keeping their data safe all the time.
Syntax
Elasticsearch
PUT /_cluster/settings
{
  "persistent": {
    "xpack.security.transport.ssl.enabled": true,
    "xpack.security.http.ssl.enabled": true,
    "xpack.security.http.ssl.keystore.path": "/path/to/keystore.p12",
    "xpack.security.http.ssl.truststore.path": "/path/to/truststore.p12"
  }
}
This example shows how to enable encryption for transport and HTTP layers in Elasticsearch.
You need to provide paths to your SSL certificate files (keystore and truststore).
Examples
Enable encryption for data moving between Elasticsearch nodes.
Elasticsearch
PUT /_cluster/settings
{
  "persistent": {
    "xpack.security.transport.ssl.enabled": true
  }
}
Enable encryption for HTTP connections to Elasticsearch with a keystore.
Elasticsearch
PUT /_cluster/settings
{
  "persistent": {
    "xpack.security.http.ssl.enabled": true,
    "xpack.security.http.ssl.keystore.path": "/path/to/keystore.p12"
  }
}
Example of snapshot repository setup; encryption at rest is handled by disk encryption or secure storage.
Elasticsearch
PUT /_snapshot/my_backup
{
  "type": "fs",
  "settings": {
    "location": "/mnt/backups",
    "compress": true
  }
}
Sample Program
This query enables encryption for both transport and HTTP layers using SSL certificates stored in the specified paths.
Elasticsearch
PUT /_cluster/settings
{
  "persistent": {
    "xpack.security.transport.ssl.enabled": true,
    "xpack.security.http.ssl.enabled": true,
    "xpack.security.http.ssl.keystore.path": "/etc/elasticsearch/certs/elastic-certificates.p12",
    "xpack.security.http.ssl.truststore.path": "/etc/elasticsearch/certs/elastic-certificates.p12"
  }
}
OutputSuccess
Important Notes
Encryption in transit uses SSL/TLS certificates to protect data moving between clients and servers or between nodes.
Encryption at rest is usually handled by disk encryption or secure storage solutions outside Elasticsearch itself.
Always keep your SSL certificates and keys safe and do not share them publicly.
Summary
Encryption in transit protects data while it moves across networks.
Encryption at rest protects stored data from unauthorized access.
Elasticsearch uses SSL/TLS settings to enable encryption in transit.