HowTo Secure Elasticsearch using spiped on FreeBSD, Debian and CentOS
Spiped makes it really easy to secure connections between clients and Elasticsearch databases.
Keep in mind that the symmetric key (once compromised) can be used to intercept/mitm all connections.
generate symmetric encryption key
and copy the key file onto every client
run spiped on Elasticsearch database server
Spiped will listen on port 19200 and forward traffic to 9200 (TCP forwarding must be enabled)
run spiped on client
Spiped will listen on port 9200 and forward to the Elasticsearch DBS port 19200