Skip to content

[Draft] Merge x-pack SSL configuration with libs/ssl-config #72285

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 56 commits into from
Closed

[Draft] Merge x-pack SSL configuration with libs/ssl-config #72285

wants to merge 56 commits into from

Conversation

@tvernum
Copy link
Contributor

@tvernum tvernum commented Apr 27, 2021

This remove the SSL configuration code from x-pack, and instead uses libs/ssl-config

This requires is quite a substantial set of changes, so I intend to split it into separate PRs. This draft PR is for tracking the outstanding code to merge.

Resolves: #68719

@tvernum tvernum added :Security/TLS SSL/TLS, Certificates v8.0.0 labels Apr 27, 2021
@tvernum tvernum added the :Security/FIPS Running ES in FIPS 140-2 mode label Jun 4, 2021
tvernum added 7 commits June 7, 2021 14:23
@tvernum
Merge branch 'master' into merge-ssl-config
a4b4904 
# Conflicts:
#	x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/ssl/SSLConfigurationReloader.java
@tvernum
Merge branch 'master' into merge-ssl-config
6efe92c
@tvernum
Handle SslConfigExceptions when loading PEM
463c154 
Some security providers (specifically BC) will return an empty
certifiacte collection when reading an empty file.
This leads to different exception handling, but it would be preferable
to have as much commonality as possible
@tvernum
Merge branch 'master' into merge-ssl-config
d8a7bcb
@tvernum
Merge branch 'master' into merge-ssl-config
fc895f5
@tvernum
Improve implementation of getKeys
b443007
@tvernum
Merge branch 'master' into merge-ssl-config
4fb2284
@BigPandaToo BigPandaToo mentioned this pull request Jul 8, 2021
Closed
@tvernum tvernum force-pushed the merge-ssl-config branch from c8ee5fb to 4e208a7 Compare July 16, 2021 07:23
tvernum added 4 commits July 30, 2021 14:54
@tvernum
Merge branch 'master' into merge-ssl-config
8c2c42f
@tvernum
Merge branch 'master' into merge-ssl-config
5fc19c6
@tvernum
Merge branch 'master' into merge-ssl-config
9e00478
@tvernum
Merge branch 'master' into merge-ssl-config
a2e1c42 
# Conflicts:
#	x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/ssl/CertParsingUtils.java
#	x-pack/plugin/core/src/main/java/org/elasticsearch/xpack/core/ssl/PEMKeyConfig.java
#	x-pack/plugin/core/src/test/java/org/elasticsearch/xpack/core/ssl/SSLConfigurationReloaderTests.java
#	x-pack/plugin/security/cli/src/test/java/org/elasticsearch/xpack/security/cli/PemToKeystore.java
#	x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/security/authc/pki/PkiAuthenticationTests.java
#	x-pack/plugin/security/src/internalClusterTest/java/org/elasticsearch/xpack/ssl/SslClientAuthenticationTests.java
#	x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlMetadataCommandTests.java
#	x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/security/authc/saml/SamlTestCase.java
#	x-pack/plugin/security/src/test/java/org/elasticsearch/xpack/ssl/SSLErrorMessageFileTests.java
@tvernum tvernum mentioned this pull request Aug 5, 2021
Merged
@tvernum tvernum closed this Sep 22, 2021
@tvernum tvernum deleted the merge-ssl-config branch September 23, 2021 02:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

:Security/FIPS Running ES in FIPS 140-2 mode :Security/TLS SSL/TLS, Certificates v8.0.0-beta1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Merge X-Pack SSL config with libs/ssl-config

2 participants

@tvernum @jakelandis