-
Notifications
You must be signed in to change notification settings - Fork 372
Generating keys and packages
We need to generate TLS key pairs that ware used for encrypting the filebeat traffic.
Adjust ./certs/config.cnf to include the right details for the TLS certificates. Its really important to have the right IP (IP.1) or DNS (DNS.1) name listed in that file! These need to point to either the IP or the DNS of your RedELK server. Otherwise your TLS setup will not function and Logstash will fail and crash miserably with cryptic errors in its log.
Once done, run: initial-setup.sh ./certs/config.cnf This will create a CA, generate necessary certificates for secure communication between redirs, teamserver and elkserver and generates a SSH keypair for secure rsync authentication of the elkserver to the teamserver.
It also generates teamservers.tgz, redirs.tgz and elkserver.tgz that contain the installation packages for each component.
Rerunning this initial setup is not required. But if you want new certificates for a new operation, you can simply run this again.