To reset the OpenSearch security configuration

Purpose

If all of the following are true in an NSP cluster, you must reset the OpenSearch security configuration used by Log Viewer in the cluster.

  • A custom TLS certificate is used.

  • The deleteOnUndeploy parameter in the nsp-config.yml file is set to false.

  • You have undeployed, and then redeployed, the NSP cluster.

Steps
 

Log in as the root user on the NSP cluster host.


Open a console window.


Enter the following:

kubectl exec -it opensearch-cluster-master-0 -n nsp-psa-restricted bash ↵


Enter the following:

/usr/share/opensearch/plugins/opensearch-security/tools/securityadmin.sh -cacert /usr/share/opensearch/config/root-ca.pem -cert /usr/share/opensearch/config/kirk.pem -key /usr/share/opensearch/config/kirk-key.pem -cd /usr/share/opensearch/config/opensearch-security/ ↵

The OpenSearch security configuration is reset.


Close the console window.

End of steps