IMPORTANT: elasticsearch.js has been replaced by the new Elasticsearch JavaScript client. We strongly advise you to migrate to the new client. To learn more, see the migration guide.

Elastic Docs elasticsearch.js SSL and Authentication
« Basic Auth Extending »

HTTPS/SSLedit

Without any additional configuration you can specify https:// host urls, but the certificates used to sign these requests will not verified (rejectUnauthorized: false). To turn on certificate verification you must specify an ssl: object either in the top level config or in each host config object and set rejectUnauthorized: true. The ssl config object can contain many of the same configuration options that tls.connect() accepts. For convenience these options are also listed in the configuration reference.

Specify a certificate authority that should be used to verify server certifcates on all nodes:

var client = new elasticsearch.Client({
  hosts: [
    'https://box1.internal.org:9200',
    'https://box2.internal.org:9200',
    'https://box3.internal.org:9200'
  ],
  ssl: {
    ca: fs.readFileSync('./cacert.pem'),
    rejectUnauthorized: true
  }
});
« Basic Auth Extending »