Is your feature request related to a problem?

Currently, OpenSearch Operator enforces SSL by default, and there is no built-in option to disable it. This can be problematic in scenarios where SSL is not required, such as local development, testing environments, or when OpenSearch is deployed in a secured private network where SSL termination is handled externally.

What solution would you like?

I would like to add a new field DisableSSL to the OpenSearchCluster CRD, allowing users to disable SSL enforcement when needed. This should modify the operator’s behavior so that OpenSearch can start without requiring TLS certificates if DisableSSL is set to true.

What alternatives have you considered?

• Modifying the OpenSearchCluster resource via kubectl patch or by editing the StatefulSet after the operator deploys it.
• This method is unreliable, as the operator may reconcile and override changes.

Do you have any additional context?

• The new DisableSSL field should be optional and default to false to ensure backward compatibility.
• When DisableSSL=true, the operator should ensure that OpenSearch is deployed without TLS settings and certificates.
• This feature will improve flexibility for users who do not need SSL or have their own security mechanisms