- X-Pack Reference for 6.0-6.2 and 5.x:
- Introduction
- Installing X-Pack
- Migrating to X-Pack
- Breaking Changes
- Securing Elasticsearch and Kibana
- Monitoring the Elastic Stack
- Alerting on Cluster and Index Events
- Reporting from Kibana
- Graphing Connections in Your Data
- Profiling your Queries and Aggregations
- Machine Learning in the Elastic Stack
- X-Pack Settings
- X-Pack APIs
- Info API
- Security APIs
- Watcher APIs
- Graph APIs
- Machine Learning APIs
- Close Jobs
- Create Datafeeds
- Create Jobs
- Delete Datafeeds
- Delete Jobs
- Delete Model Snapshots
- Flush Jobs
- Get Buckets
- Get Categories
- Get Datafeeds
- Get Datafeed Statistics
- Get Influencers
- Get Jobs
- Get Job Statistics
- Get Model Snapshots
- Get Records
- Open Jobs
- Post Data to Jobs
- Preview Datafeeds
- Revert Model Snapshots
- Start Datafeeds
- Stop Datafeeds
- Update Datafeeds
- Update Jobs
- Update Model Snapshots
- Validate Detectors
- Validate Jobs
- Definitions
- Troubleshooting
- Limitations
- License Management
- Release Notes
WARNING: Version 5.4 of the Elastic Stack has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
Enabling Cipher Suites for Stronger Encryption
editEnabling Cipher Suites for Stronger Encryption
editThe TLS and SSL protocols use a cipher suite that determines the strength of encryption used to protect the data. You may want to increase the strength of encryption used when using a Oracle JVM; the IcedTea OpenJDK ships without these restrictions in place. This step is not required to successfully use encrypted communication.
The Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files enable the use of additional cipher suites for Java in a separate JAR file that you need to add to your Java installation. You can download this JAR file from Oracle’s download page. The JCE Unlimited Strength Jurisdiction Policy Files` are required for encryption with key lengths greater than 128 bits, such as 256-bit AES encryption.
After installation, all cipher suites in the JCE are available for use. To enable
the use of stronger cipher suites with X-Pack security, configure the cipher_suites
parameter. See the Configuration Parameters for TLS/SSL
section of this document for specific parameter information.
The JCE Unlimited Strength Jurisdiction Policy Files must be installed on all nodes in the cluster to establish an improved level of encryption strength.