Enable Message Authentication

Message authentication verifies that a message has not been tampered with or corrupted in transit.

To enable message authentication:

  1. Run the syskeygen tool from ES_HOME without any options:

    bin/shield/syskeygen

    This creates a system key file in ES_HOME/config/shield/system_key. You can customize this file’s location by changing the value of the shield.system_key.file setting in elasticsearch.yml.

  2. Copy the genererated system key to the rest of the nodes in the cluster.

The system key is a symmetric key, so the same key must be on every node in the cluster.

Now that you’ve enabled message authentication, you might also want to Enable Auditing to keep track of attempted and successful interactions with your Elasticsearch cluster.