thank you for your reply! and the link!
before i start to read it
Can you tell me whether they have difference? or they are just used on different layer?
I know it. what i want to know is the reason why we have to create 2 certificates. the server certificate, the client certificate
Shouldn’t we just use 1 certificate ?
Oh sorry, so basically the client/server certificates are mandatory for Transport layer SSL (and client is optional for REST layer SSL). The official documentation TLS Certificates - Open Distro for Elasticsearch Documentation gives you some indications why both may be needed. In general, it establishes trust between server and client.