I generated all key, pem files with example.sh, please let me know which one I can use for curl ?

[Robert Chen]

My cluster has 3 nodes, the cluster and kibana is setup and running correctly with search guard. But I do not how to use curl with https ?

[root@ip-10-8-8-246 example-pki-scripts]# ls
ca        example.sh               kirk.crtfull.pem   kirk-keystore.p12  spock.csr           truststore.jks          usg-elk-b.csr           usg-elk-c-keystore.jks
certs     gen_client_node_cert.sh  kirk.crt.pem       kirk-signed.pem    spock.key.pem       usg-elk-a.csr           usg-elk-b-keystore.jks  usg-elk-c-keystore.p12
clean.sh  gen_node_cert.sh         kirk.csr           spock.all.pem      spock-keystore.jks  usg-elk-a-keystore.jks  usg-elk-b-keystore.p12  usg-elk-c-signed.pem
crl       gen_root_ca.sh           kirk.key.pem       spock.crtfull.pem  spock-keystore.p12  usg-elk-a-keystore.p12  usg-elk-b-signed.pem
etc       kirk.all.pem             kirk-keystore.jks  spock.crt.pem      spock-signed.pem    usg-elk-a-signed.pem    usg-elk-c.csr

[root@ip-10-8-8-246 example-pki-scripts]#  curl --insecure -E  usg-elk-a-signed.pem  https://10.8.8.246:9200/_cat/indices?v
Unauthorized

[root@ip-10-8-8-246 example-pki-scripts]# curl --cacert usg-elk-a-signed.pem  https://10.8.8.246:9200/_cat/indices?v
curl: (60) Peer's certificate issuer has been marked as not trusted by the user.

[SG]

possible duplicate of https://github.com/floragunncom/search-guard/issues/58#issuecomment-275145664

> --
> You received this message because you are subscribed to the Google Groups "Search Guard" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to search-guard...@googlegroups.com.
> To post to this group, send email to search...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/search-guard/5f482471-478c-4ed2-8a16-1297dbe7e04c%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.