Securing the Wazuh indexer API

The communication to the Wazuh indexer API is encrypted with HTTPS by default. This is facilitated by the self-signed certificates generated during installation. Users can also supply their certificates to encrypt the traffic. A user named admin is also created during the installation that has administrative access to the Wazuh indexer API. It is recommended that the default password is changed and CA-signed certificates are used rather than self-signed certificates, especially when the Wazuh indexer is accessible over the internet.