IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.
« Native user authentication SAML authentication »
Elastic Docs Elasticsearch Guide [6.3] Secure a cluster User authentication

PKI user authentication

edit

PKI user authentication

edit

You can configure X-Pack security to use Public Key Infrastructure (PKI) certificates to authenticate users in Elasticsearch. This requires clients to present X.509 certificates.

You cannot use PKI certificates to authenticate users in Kibana.

To use PKI in Elasticsearch, you configure a PKI realm, enable client authentication on the desired network layers (transport or http), and map the Distinguished Names (DNs) from the user certificates to X-Pack security roles in the role mapping file.

See Configuring a PKI realm.

PKI realm settings

edit

See PKI realm settings.

« Native user authentication SAML authentication »