Hypertext Transfer Protocol Secure (HTTPS) is a security-enhanced version of HTTP. HTTPS works with Secure Socket Layer (SSL) to ensure the security of data transmission. HTTPS uses HTTP for communications. SSL is used to encrypt the data. To ensure data security, we recommend that you enable HTTPS.
Prerequisites
- An Alibaba Cloud Elasticsearch cluster is created.
For more information, see Create an Elasticsearch cluster.
- A client node is available.
You can purchase a client node during the Elasticsearch cluster creation or upgrade. For more information, see Upgrade the configuration of a cluster.
- The code of the client that is used to access your Elasticsearch cluster is modified.
Otherwise, you cannot use client programs to access your Elasticsearch cluster.
Use the REST client of the open-source Elasticsearch as an example. After you enable HTTPS, you must include the
https
parameter inHttpHost
, for example,new HttpHost("es-cn-xxxxx.elasticsearch.aliyuncs.com", 9200, "https"));
. The sample code is as follows:- The code before HTTPS is enabled
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "Your password")); RestClientBuilder restClientBuilder = RestClient.builder( new HttpHost("es-cn-xxxxx.elasticsearch.aliyuncs.com", 9200)); RestClient restClient = restClientBuilder.setHttpClientConfigCallback( new RestClientBuilder.HttpClientConfigCallback() { @Override public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) { return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider); } }).build();
- The code after HTTPS is enabled
final CredentialsProvider credentialsProvider = new BasicCredentialsProvider(); credentialsProvider.setCredentials(AuthScope.ANY, new UsernamePasswordCredentials("elastic", "Your password")); RestClientBuilder restClientBuilder = RestClient.builder( new HttpHost("es-cn-xxxxx.elasticsearch.aliyuncs.com", 9200, "https")); RestClient restClient = restClientBuilder.setHttpClientConfigCallback( new RestClientBuilder.HttpClientConfigCallback() { @Override public HttpAsyncClientBuilder customizeHttpClient(HttpAsyncClientBuilder httpClientBuilder) { return httpClientBuilder.setDefaultCredentialsProvider(credentialsProvider); } }).build();
- The code before HTTPS is enabled