Airlock Gateway logs and system service logs are stored in an Elasticsearch database. Depending on the configuration, a local or remote Elasticsearch installation can be targeted.
When a remote Elasticsearch database is accessed over HTTPS, the server certificate is verified against the local system CAs (storage path /etc/pki/tls/certs/ca-bundle.crt
).
The default port to access an Elasticsearch database over HTTPS is 9200.
If you are using a self-signed server certificate or a certificate issued by your own Root CA, you must place a file containing the CA certificate under: