Skip to content

Commit b4ccd3e

Browse files
lcawllcawl
authored
[DOCS] Adds http to elasticsearch-certutil command reference (#51188)
1 parent db48029 commit b4ccd3e

File tree

1 file changed

+20
-2
lines changed

1 file changed

+20
-2
lines changed

docs/reference/commands/certutil.asciidoc

Lines changed: 20 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44
== elasticsearch-certutil
55

66
The `elasticsearch-certutil` command simplifies the creation of certificates for
7-
use with Transport Layer Security (TLS) in the Elastic Stack.
7+
use with Transport Layer Security (TLS) in the {stack}.
88

99
[float]
1010
=== Synopsis
@@ -26,13 +26,16 @@ bin/elasticsearch-certutil
2626
[-E <KeyValuePair>] [--keysize <bits>] [--out <file_path>]
2727
[--pass <password>]
2828
)
29+
30+
| http
31+
2932
[-h, --help] ([-s, --silent] | [-v, --verbose])
3033
--------------------------------------------------
3134

3235
[float]
3336
=== Description
3437

35-
You can specify one of the following modes: `ca`, `cert`, `csr`. The
38+
You can specify one of the following modes: `ca`, `cert`, `csr`, `http`. The
3639
`elasticsearch-certutil` command also supports a silent mode of operation to
3740
enable easier batch operations.
3841

@@ -108,6 +111,18 @@ private keys for each instance. Each CSR is provided as a standard PEM
108111
encoding of a PKCS#10 CSR. Each key is provided as a PEM encoding of an RSA
109112
private key.
110113

114+
[float]
115+
[[certutil-http]]
116+
==== HTTP mode
117+
118+
The `http` mode guides you through the process of generating certificates for
119+
use on the HTTP (REST) interface for {es}. It asks you a number of questions in
120+
order to generate the right set of files for your needs. For example, depending
121+
on your choices, it might generate a zip file that contains a certificate
122+
authority (CA), a certificate signing request (CSR), or certificates and keys
123+
for use in {es} and {kib}. Each folder in the zip file contains a readme that
124+
explains how to use the files.
125+
111126
[float]
112127
=== Parameters
113128

@@ -120,6 +135,9 @@ This parameter cannot be used with the `csr` or `ca` parameters.
120135
`csr`:: Specifies to generate certificate signing requests. This parameter
121136
cannot be used with the `ca` or `cert` parameters.
122137

138+
`http`:: Generates a new certificate or certificate request for the {es} HTTP
139+
interface.
140+
123141
`--ca <file_path>`:: Specifies the path to an existing CA key pair
124142
(in PKCS#12 format). This parameter cannot be used with the `ca` or `csr` parameters.
125143

0 commit comments

Comments
 (0)