You are looking at documentation for an older release.
Not what you want? See the
current release documentation.
Message authentication verifies that a message has not been tampered with or corrupted in transit.
To enable message authentication:
Run the
syskeygentool fromES_HOMEwithout any options:bin/shield/syskeygen
This creates a system key file in
CONFIG_DIR/shield/system_key.- Copy the genererated system key to the rest of the nodes in the cluster.
The system key is a symmetric key, so the same key must be on every node in the cluster.
Now that you’ve enabled message authentication, you might also want to Enable Auditing to keep track of attempted and successful interactions with your Elasticsearch cluster.