From ca4bbea8375d754cb5cfb37a6cd046ca6d038434 Mon Sep 17 00:00:00 2001 From: michaelbirnstiehl Date: Thu, 29 Apr 2021 07:37:21 -0500 Subject: [PATCH] DOCS update ES authentication configuration --- server/sonar-docs/src/pages/setup/operate-cluster.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/server/sonar-docs/src/pages/setup/operate-cluster.md b/server/sonar-docs/src/pages/setup/operate-cluster.md index 420cd478821..6395a9c25e3 100644 --- a/server/sonar-docs/src/pages/setup/operate-cluster.md +++ b/server/sonar-docs/src/pages/setup/operate-cluster.md @@ -153,19 +153,19 @@ Property | Description | Default | Required ### Elasticsearch authentication [[info]] -| This configuration is optional. Configuring your network security correctly is sufficient, but Elasticsearch authentication adds another layer of security. +| This configuration is optional. To secure access to your setup, you may want to first limit access to the nodes in your network. Elasticsearch authentication just adds another layer of security. For Elasticsearch authentication, the following properties need to be configured on specific nodes: #### Application nodes Property | Description | Default | Required ---|---|---|--- -`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be used on the client site. If provided, it enables authentication.| |no +`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be used on the client site. If provided, it enables authentication. If this property is set, `sonar.cluster.search.password` on the search nodes must also be set to exact same value.| |no #### Search nodes Property | Description | Default | Required ---|---|---|--- -`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be set in ES. If provided, it enables authentication, and the instance will require additional properties to be set.| |no +`sonar.cluster.search.password`|Password for Elasticsearch built-in user (elastic) which will be set in ES. If provided, it enables authentication, and the instance will require additional properties to be set. If this property is set, `sonar.cluster.search.password` on the application nodes must also be set to exact same value.| |no `sonar.cluster.es.ssl.keystore`|File path to a keystore in PKCS#12 format. The user running SonarQube must have READ permission to that file. Required if password provided.| |no `sonar.cluster.es.ssl.truststore`|File path to a truststore in PKCS#12 format. The user running SonarQube must have READ permission to that file. Required if password provided.| |no `sonar.cluster.es.ssl.keystorePassword`|Password to the keystore.| |no -- 2.39.5