The problem
When starting an Elasticsearch instance in version 8 (the current version being 8.7.0) for the first time, the Elasticsearch server is by default automatically configured with a randomly generated password and a self-signed certificate to secure the connection between clients and the Elasticsearch server.
The password and the fingerprint for the certificate are shown in the output of the server on the first start (output truncated for brevity):
This post describes how to build a REST service with Spring-Boot that uses Basic-Authentication for several users and that uses the username of the authenticated user to do its work.
Warning: A service using basic authentication should always use HTTPS as transport protocol, either by running behind a web server proxy or by setting up HTTPS by itself. I’ll cover the latter in a later post.
This might be a setup for a service where data is stored in a database for each user, so it is not only necessary to authenticate the user to use the service, but the service also needs to know which user is accessing it.
This article shows how to implement an HTTPS web service connection where the server only allows trusted clients to connect. It extends and uses the information given in the article “Java Webservice using HTTPS part 1”.
First, it is necessary to create a certificate for the client and to store it in the client’s keystore:
keytool -genkey -keystore client_keystore.ks -alias client
This certificate must be exported from the client’s keystore…
This article describes how to offer a web service over a secure HTTPS connection. In this first step of securing the connection, the server will accept any client without verifying the client’s identity.
First, it is necessary to have a server certificate. For this example, we use the keytool program, which is shipped with Java, to create a self-signed certificate and store it in a keystore file named server_keystore.