Submit Feedback
Legacy Knowledge Base
Published Jun. 30, 2025

Updating Elasticsearch certificates for x-pack security

Written By

Giulianna Munoa

How To articles are not official guidelines or officially supporteddocumentation. They are community-contributed content and may not alwaysreflect the latest updates to Liferay DXP. We welcome your feedback toimprove How to articles!

While we make every effort to ensure this Knowledge Base is accurate, itmay not always reflect the most recent updates or official guidelines.We appreciate your understanding and encourage you to reach out with anyfeedback or concerns.

Legacy Article

You are viewing an article from our legacy "FastTrack"publication program, made available for informational purposes. Articlesin this program were published without a requirement for independentediting or verification and are provided "as is" withoutguarantee.

Before using any information from this article, independently verify itssuitability for your situation and project.

Issue

  • The certificate used for x-pack configuration is about to expire and you need to replace it.
  • Also you need to know what happens if it’s not replaced.

Environment

  • Elasticsearch  x-pack security
  • DXP 7.2+

Resolution

  • When using x-pack security, the Elasticsearch certificate is utilized to encrypt the communications between nodes. If the certificate expires and is not renewed, the encryption will be affected. In this case, Liferay will still be able to connect to Elasticsearch, but the x-pack module will not be available.

  • To update the certificate on each Elasticsearch node, a rolling restart can be considered. You can find instructions on how to update node security certificates in the Elasticsearch documentation.

  • On the Liferay side, you will need to replace the certificate used for the connection in System Configuration > Search > X-Pack security. After making this change, restart Liferay. If you have multiple nodes, it is recommended to schedule a maintenance window for this update.

Additional Information

 

 

 

Did this article resolve your issue ?
Legacy Knowledge Base
Did this article resolve your issue ?