Install the Full Text Search Public Certificate in Elasticsearch
The final set of steps that must be executed to complete the deployment of the system consisting of a secure Oracle NoSQL store and a secure Elasticsearch cluster is to retrieve the Oracle NoSQL store’s public certificate with alias FTS, and install that certificate in the truststore of each Elasticsearch node. For example,
On eshost1, eshost2, and eshost3,
scp <username>@kvhost1:/opt/ondb/kvroot/security/FTS.crt /opt/es/install-xfer/certs
keytool –importcert
–alias FTS
-file /opt/es/install-xfer/certs/FTS.crt
–keystore /opt/es/elasticsearch/config/shield/elasticsearch.trust
-storepass No_Sql_00
–keypass No_Sql_00
–noprompt
Once the store’s FTS public certificate is installed on each Elasticsearch node, you can deploy the Elasticsearch cluster; which should now be able to communicate with the secure Oracle NoSQL store deployed in Deploying and Configuring a Secure Oracle NoSQL Store. For example, using Java 8 or greater,
On eshost1
cd /scratch/es
./elasticsearch/bin/elasticsearch
--cluster.name escluster
--node.name eshost1
--transport.tcp.port 29000
--http.port 29100
--discovery.zen.ping.unicast.hosts eshost1:29000,eshost2:29000,eshost3:29000
On eshost2
cd /scratch/es
./elasticsearch/bin/elasticsearch
--cluster.name escluster
--node.name eshost2
--transport.tcp.port 29000
--http.port 29100
--discovery.zen.ping.unicast.hosts eshost1:29000,eshost2:29000,eshost3:29000
On eshost3
cd /scratch/es
./elasticsearch/bin/elasticsearch
--cluster.name escluster
--node.name eshost3
--transport.tcp.port 29000
--http.port 29100
--discovery.zen.ping.unicast.hosts eshost1:29000,eshost2:29000,eshost3:29000
At this point you should now be able to do the following:
- Execute the example program in secure mode to populate the store with JSON data.
- Run the Admin CLI as the user named FTS to both register the store with the Elasticsearch cluster and create a Text Index on the data in the store.
- Use
curl
to send secure queries to Elasticsearch to perform Full Text Search on the indexed data. See Running the Examples in Secure Mode.