I’m planning on creating a self-signed certificate on ES to encrypt the data between Kibana and ES, which are on separate machines. I just would like to confirm:
From this page, does adding SSL on ROR protect the data between ES and the client/kibana or does it ONLY protect the data for basic auth?
If you activate SSL in Elasticsearch using ROR, Kibana, Logstash, or any other software that connects to Elasticsearch via the HTTP protocol will need to change their connection URL to HTTPS
I.e. in Kibana:
Before ROR SSL enabled:
elasticsearch.url: "http://localhost:9200"
After ROR SSL enabled:
elasticsearch.url: "https://localhost:9200"
Exactly like it happens with your browser, HTTPS works by establishing an encrypted channel at the transport layer, on top of which the whole HTTP session is transmitted. Request headers and request body included.
So to answer your question: both credentials and data will be encrypted once you enabled SSL in ROR for Elasticsearch.