From bd32839f27db43749bc3473a552db3b5828137fa Mon Sep 17 00:00:00 2001
From: Jose M <jm.garcia@wazuh.com>
Date: Mon, 1 Jul 2019 12:00:48 +0200
Subject: [PATCH] Add Xpack http security to elasticsearch template.

---
 .../templates/elasticsearch.yml.j2                     | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2 b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2
index 8f60c368..2d62f025 100644
--- a/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2
+++ b/roles/elastic-stack/ansible-elasticsearch/templates/elasticsearch.yml.j2
@@ -26,10 +26,16 @@ discovery.seed_hosts:
 # XPACK Security
 
 {% if elasticsearch_xpack_security %}
-xpack.security.enabled: false
+xpack.security.enabled: true
 xpack.security.transport.ssl.enabled: true
 xpack.security.transport.ssl.verification_mode: certificate 
 xpack.security.transport.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key 
 xpack.security.transport.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt 
-#xpack.security.transport.ssl.certificate_authorities: [ "{{node_certs_destination}}/ca.crt" ] 
+xpack.security.transport.ssl.certificate_authorities: [ "{{ node_certs_destination }}/ca.crt" ]
+
+xpack.security.http.ssl.enabled: true
+xpack.security.http.ssl.verification_mode: certificate
+xpack.security.http.ssl.key: {{node_certs_destination}}/{{ elasticsearch_node_name }}.key 
+xpack.security.http.ssl.certificate: {{node_certs_destination}}/{{ elasticsearch_node_name }}.crt 
+xpack.security.http.ssl.certificate_authorities: [ "/etc/elasticsearch/certs/ca.crt" ]
 {% endif %}
\ No newline at end of file