Here it may not be obvious for the reader which DXP version this section refers to. We just say that
The Elasticsearch connector bundled with Liferay 7.3 includes X-Pack Security support.
but nothing indicates that the rest of the steps are not needed on 7.3 since there is no XPackSecurity config.
Update text to indicate this is for DXP 7.2 only.
Here we say
Here's an example that includes security properties:
The problem is that the security steps there are covering PEM format certs, while on DXP 7.3 you can use PKCS #12 or other types listed here: https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#KeyStore. So currently we don't provide all required steps to set-up security in DXP 7.3.
We should add steps for PKCS #12 format cert generation too or we could use only PKCS#12 format for both DXP 7.2 and 7.3 in the DXP configs. (Actually, if we decide to go with this path, it might may also make sense to use PKCS #12 in the elasticsearch.yml configs too so everywhere we deal with certs and Elasticsearch.)
- Create self-signed certificate for the client (Liferay DXP) - PKCS #12
- Example XPackSecurityConfig for DXP 7.2 with PKCS #12: