Enroll a node Added in 8.0.0

GET /_security/enroll/node

Enroll a new node to allow it to join an existing cluster with security features enabled.

The response contains all the necessary information for the joining node to bootstrap discovery and security related settings so that it can successfully join the cluster. The response contains key and certificate material that allows the caller to generate valid signed certificates for the HTTP layer of all nodes in the cluster.

Responses

  • 200 application/json
    Hide response attributes Show response attributes object
    • http_ca_key string Required

      The CA private key that can be used by the new node in order to sign its certificate for the HTTP layer, as a Base64 encoded string of the ASN.1 DER encoding of the key.

    • http_ca_cert string Required

      The CA certificate that can be used by the new node in order to sign its certificate for the HTTP layer, as a Base64 encoded string of the ASN.1 DER encoding of the certificate.

    • transport_ca_cert string Required

      The CA certificate that is used to sign the TLS certificate for the transport layer, as a Base64 encoded string of the ASN.1 DER encoding of the certificate.

    • transport_key string Required

      The private key that the node can use for TLS for its transport layer, as a Base64 encoded string of the ASN.1 DER encoding of the key.

    • transport_cert string Required

      The certificate that the node can use for TLS for its transport layer, as a Base64 encoded string of the ASN.1 DER encoding of the certificate.

    • nodes_addresses array[string] Required

      A list of transport addresses in the form of host:port for the nodes that are already members of the cluster.

GET /_security/enroll/node
curl \
 -X GET http://api.example.com/_security/enroll/node
Response examples (200)
{
  "http_ca_key": "string",
  "http_ca_cert": "string",
  "transport_ca_cert": "string",
  "transport_key": "string",
  "transport_cert": "string",
  "nodes_addresses": [
    "string"
  ]
}