Installing own ssl certificates for the wazuh manager dashboard
2,384 views
Skip to first unread message
Vamshi Krishna
Sep 12, 2022, 5:48:03 AM9/12/22
to Wazuh mailing list
Hi,
I am using Wazuh manager for security monitoring, it is running on public ip, i have my domain name via my dns server, i need to configure my domain ssl certificates now, can anyone help me to install own ssl certificates for wazuh server.
Federico Rodriguez
Sep 12, 2022, 6:21:56 AM9/12/22
to Wazuh mailing list
Hi!
Thanks for using Wazuh.
In the Certificate Deployment configuration you can follow the steps to setup your own certificates. In the IP field you can type your domain name instead of the IP.
If you have further questions please let me know.
Regards
Source: https://documentation.wazuh.com/current/user-manual/certificates.html
Thanks for using Wazuh.
In the Certificate Deployment configuration you can follow the steps to setup your own certificates. In the IP field you can type your domain name instead of the IP.
If you have further questions please let me know.
Regards
Source: https://documentation.wazuh.com/current/user-manual/certificates.html
Vamshi Krishna
Sep 12, 2022, 10:24:10 AM9/12/22
to Wazuh mailing list
Hi,
I am unable to find the config.yml location, can you please share the location.
I am using Wazuh server integrated with kibana and elastic search.
Federico Rodriguez
Sep 13, 2022, 12:06:50 PM9/13/22
to Wazuh mailing list
Hi,
My bad. In case you already have certificates, we should be able to skip downloading config.yml file because it is used only in the certificate creation process.
Set certificates in Elasticsearch - Go to Step n°3 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/elasticsearch-cluster/elasticsearch-single-node-cluster.html#certificates-creation-and-deployment
What we should do is copy the certificates to /etc/elasticsearch/certs/
and then set them up in in elasticsearch configuration:
/etc/elasticsearch/elasticsearch.yml
This is an example using Opendistro
opendistro_security.ssl.transport.pemcert_filepath: /etc/elasticsearch/certs/elasticsearch.pem
opendistro_security.ssl.transport.pemkey_filepath: /etc/elasticsearch/certs/elasticsearch-key.pem
opendistro_security.ssl.transport.pemtrustedcas_filepath: /etc/elasticsearch/certs/root-ca.pem
opendistro_security.ssl.transport.enforce_hostname_verification: false
opendistro_security.ssl.transport.resolve_hostname: false
opendistro_security.ssl.http.enabled: true
opendistro_security.ssl.http.enabled_protocols: TLSv1.2
opendistro_security.ssl.transport.enabled_protocols: TLSv1.2
opendistro_security.ssl.http.enabled_ciphers:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
opendistro_security.ssl.transport.enabled_ciphers:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
opendistro_security.ssl.http.pemcert_filepath: /etc/elasticsearch/certs/elasticsearch.pem
opendistro_security.ssl.http.pemkey_filepath: /etc/elasticsearch/certs/elasticsearch-key.pem
opendistro_security.ssl.http.pemtrustedcas_filepath: /etc/elasticsearch/certs/root-ca.pem
Set certificates in Kibana - Go to Step n°2 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/kibana/index.html#kibana-installation-and-configuration
Set certificates in Filebeat configuration - Go to Step n°6 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/wazuh-cluster/wazuh-single-node-cluster.html#filebeat-installation-and-configuration
You may also find useful this Elastic post on certificates configuration:
https://www.elastic.co/blog/configuring-ssl-tls-and-https-to-secure-elasticsearch-kibana-beats-and-logstash
Regards
My bad. In case you already have certificates, we should be able to skip downloading config.yml file because it is used only in the certificate creation process.
Set certificates in Elasticsearch - Go to Step n°3 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/elasticsearch-cluster/elasticsearch-single-node-cluster.html#certificates-creation-and-deployment
What we should do is copy the certificates to /etc/elasticsearch/certs/
and then set them up in in elasticsearch configuration:
/etc/elasticsearch/elasticsearch.yml
This is an example using Opendistro
opendistro_security.ssl.transport.pemcert_filepath: /etc/elasticsearch/certs/elasticsearch.pem
opendistro_security.ssl.transport.pemkey_filepath: /etc/elasticsearch/certs/elasticsearch-key.pem
opendistro_security.ssl.transport.pemtrustedcas_filepath: /etc/elasticsearch/certs/root-ca.pem
opendistro_security.ssl.transport.enforce_hostname_verification: false
opendistro_security.ssl.transport.resolve_hostname: false
opendistro_security.ssl.http.enabled: true
opendistro_security.ssl.http.enabled_protocols: TLSv1.2
opendistro_security.ssl.transport.enabled_protocols: TLSv1.2
opendistro_security.ssl.http.enabled_ciphers:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
opendistro_security.ssl.transport.enabled_ciphers:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
opendistro_security.ssl.http.pemcert_filepath: /etc/elasticsearch/certs/elasticsearch.pem
opendistro_security.ssl.http.pemkey_filepath: /etc/elasticsearch/certs/elasticsearch-key.pem
opendistro_security.ssl.http.pemtrustedcas_filepath: /etc/elasticsearch/certs/root-ca.pem
Set certificates in Kibana - Go to Step n°2 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/kibana/index.html#kibana-installation-and-configuration
Set certificates in Filebeat configuration - Go to Step n°6 in the documentation
https://documentation.wazuh.com/current/deployment-options/elastic-stack/distributed-deployment/wazuh-cluster/wazuh-single-node-cluster.html#filebeat-installation-and-configuration
You may also find useful this Elastic post on certificates configuration:
https://www.elastic.co/blog/configuring-ssl-tls-and-https-to-secure-elasticsearch-kibana-beats-and-logstash
Regards
Reply all
Reply to author
Forward
0 new messages