The Log Search service may use SSL for three things:
Encrypt communication between Solr and the Log Search Server / Log Feeders
Encrypt communication with the portal by using https protocol
Encrypt communication with the Ambari Server for authentication
In all of these cases the Log Search Server should have a trust store / key store available which should be configured in the logsearch-env.sh file. In case #1 the Log Feeders should also have a trust store / key store available which should be configured in logfeeder-env.sh.
How to configure to use SSL in these cases?
For all cases you should configure the stores for the Portal (and the Log Feeders in case of #1), see below how to do it.
Using SSL for the communication with Solr you should configure your Solr server to use SSL.
Using https as the portal protocol you should set the property Advanced logsearch-env / logsearch_ui_protocol to https. If you are not using Ambari you should add (or update the value of) logsearch.protocol=https to the file /etc/ambari-logsearch-portal/conf/logsearch.properties.
Using https for authentication with Ambari Server you should set up the Ambari Server to use https.
How to configure the stores for the Portal and the Log Feeders?
Using Ambari to install Log Search all you have to do is to set the location of the stores, the type of the stores and also the password for the stores at Advanced logsearch-env and Advanced logfeeder-env.
Without Ambari you should set the locations and the types at the env files:
Log Search Server (/etc/ambari-logsearch-portal/conf/logsearch-env.sh):
Starting from Ambari 2.5 the Log Search Server creates the key store containing a self signed certificate if
it is not present at the specified location
it's type is jks
With this key store and the certificate you will be able to use https for the portal. I you don't want to use the default key store, or don't want to use a jks key store, or you want to use SSL for the communication with Solr, or the Ambari Server you should create your own key store and trust store.
Here is a sample command how to create a store containing a self signed certificate with openssl: