Skip to content

Access clusters using SSL

Jump to bottom
Carsten König edited this page Jan 25, 2025 · 17 revisions

Elasticvue supports clusters using SSL, provided your browser trusts the SSL certificate. Here's how to configure your setup:

Recommended Solution: elasticvue desktop

The simplest approach is to use Elasticvue desktop, which automatically bypasses certificate restrictions.
Download

Elasticvue for your browser

If you're not using elasticvue desktop, you need to ensure your browser accepts your cluster's SSL certificate. To test this:

  1. Open your cluster's URL in your browser.
  2. If you see a certificate warning, your browser doesn't trust the certificate, and elasticvue won't connect. Choose one of the following solutions:

Option 1: Use a Trusted Certificate Authority

Use a trusted certificate authority (e.g., Let’s Encrypt) to generate certificates for your cluster. This ensures automatic certificate acceptance by your browser. Ideal for production environments.

Option 2: Manually Import the Certificate Authority (CA)

Manually add your cluster’s CA to your browser’s certificate store. Steps vary by browser and OS. Here’s how to do it on Linux:

  • Chrome: Settings → Security and Privacy → Security → Manage certificates → Authorities Tab → Import → Select your CA → Check "Trust this CA to identify websites."
  • Firefox: Settings → Privacy & Security → Certificates → View Certificates... → Authorities Tab → Import... → Select your CA → Check "Trust this CA to identify websites."

For Elasticsearch 8, import the file located at: elasticsearch/config/certs/http_ca.crt

Option 3: Temporarily Accept the Certificate

  1. When elasticvue displays an error message about the untrusted certificate, click the link to your cluster (or open the URL manually in your browser).
  2. Your browser will warn you about the untrusted certificate. Accept the warning and trust the certificate.
  3. Return to elasticvue and test the connection again. It should now work.

Drawback: Trust a certificate this way is only temporary, and you may need to repeat these steps every time you restart your browser.

Option 4: Use a Proxy Server

Set up a local proxy server, such as simprox, to bypass browser restrictions. Here's how:

  1. Start the proxy server:
simprox -h 127.0.0.1:7000 -t https://your.cluster.com --skip-ssl-verify
  1. Connect to http://localhost:7000 (use http, not https) in elasticvue. If your cluster uses authentication, enter your username/password in elasticvue.

By following these steps, you can securely connect elasticvue to an SSL-enabled cluster, regardless of your setup.

Clone this wiki locally