Search server settings

Administration page	Application contract	Syracuse collaboration	Class	searchSettings	Representation	searchSettings

This page allows you to configure the connection and authentication to the Elasticsearch server.

Prerequisites

You need to allow wildcards to delete records.

To reduce the risk of accidental deletion, the use of wildcards is by default forbidden in Elasticsearch v8 for deletion operations. But it is required by the Delete all indexes action from the Search index management page.

It is not possible to activate this option from the code. You need to enter action.destructive_requires_name=false in the elasticsearch.yml configuration file.

Version

Select the version of the Elasticsearch server. It is set by default to version 8.

Connection

Select the connection mode in the Connection mode field. You can choose between On-premises server and Elastic Cloud.

On-premises server

The following fields display if you select the on-premises server connection mode.

Host

Enter the hostname or the IP address to connect to.

Port

Define the port to connect to. It is usually 9200.

Proxy

Select the proxy configuration required to connect to the on-premises server.

Enable security

The connection security is enabled by default. It is recommended to keep it this way. Refer to Elasticsearch's security principles.

There are two types of security configurations:

• Auto configuration: When Elasticsearch starts for the first time, it goes through an automatic setup process. This process involves creating a certificate for secure TLS connections and setting up default user accounts for authentication. This process can happen partially. Refer to the skip auto-configuration documentation.

• Manual configuration: Consult the manual configuration documentation. Elasticsearch provides a set of command line tools.

Elastic Cloud

The following fields display if you select the Elastic Cloud connection mode.

• Cloud ID: Assigns a unique ID to your hosted Elasticsearch cluster on Elasticsearch Service. The connection to Elastic Cloud is always secured.

TLS authentication

The connection between the Elasticsearch server and the Syracuse web server is secured by using TLS authentication.

CA certificates of search server

During the TLS authentication, the Syracuse server verifies the Elasticsearch server's identity by validating its certificate. This verification requires to register and select each associated Certificate authority certificate if the authority is not widely recognized or if the certificate is self-signed.

Client certificate

Set here a client certificate if requested by Elasticsearch for authentication.

User authentication

The Authentication mode field has three options:

No authentication

Set this option only if the Elasticsearch server has been configured with security but with the authentication disabled. It is not recommended in production.

Basic

Set this option for a user and password authentication. A set of users is created by default, and a set of CLI tools is provided to manage these users and passwords. You can test it by using the elastic user and the Reset password command to change its password.

API key

Enables the creation of secondary credentials so that a request can be sent on behalf of a user. It is similar to the Connected applications feature. See the related documentation.

Setting

Request timeout (ms)

Enter the time in milliseconds after which the search stops. It is set by default to 30 seconds.

Index name prefix

Elasticsearch provides the possibility to add a specific prefix to your managed indexes.

You can enter the prefix to add to the beginning of each index.

Appendixes

For more information about Elasticsearch, consult the following documentation:

• Authentication

• elasticsearch-js GitHub repository

• Elasticsearch Node.js client