Securing the Wazuh server API

The communication between the Wazuh dashboard and the Wazuh server API is encrypted with HTTPS by default. The Wazuh server API will generate its own private key and certificate during the first run if users do not supply them. Additionally, the Wazuh server API automatically creates the following username-password pair when installed with the OVA installation:

  • wazuh:wazuh

  • wazuh-wui:wazuh-wui

If the Wazuh deployment was performed using the installation assistant script, the Wazuh API username is wazuh and you can extract the password by running the following command:

# tar -axf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt -O | grep -P "\'wazuh\'" -A 1

Therefore, securing the Wazuh server API is crucial after installing the Wazuh manager.

Warning

We highly recommend changing the default passwords and to use your own certificate since the one created by the Wazuh server API is self-signed.