Logstash - Plugins - SSL Settings Standardization - Standardize Elasticsearch INPUT settings #14922
Description
This issue should make the plugin SSL settings consistent with the naming convention defined in the meta issue. Missing settings already supported by the plugin's HTTP/TCP client, which only requires small coding changes on the plugin source, should also be added through this issue.
Add and deprecate options to comply with the naming convention
- ssl -> ssl_enabled
- ca_file -> ssl_certificate_authorities
- ca_trusted_fingerprint (specific for ES plugins)
Add common settings validations
- Not allow mixing the same deprecated and new setting on the same plugin configuration, e.g.
sslandssl_enabled
Add ssl_verification_mode functionality and mark ssl_certificate_verification as deprecated
- Make it in a backward-compatible way
Add missing settings/functionality that fits into the phase 1 description, and move non-phase 1-2 to the phase 3 issue (to be created if doesn't exist)
- ssl_certificate
- ssl_cipher_suites
- ssl_handshake_timeout (probably unsupported by ES client)
- ssl_key
- ssl_key_passphrase
- ssl_supported_protocols
- ssl_keystore_path
- ssl_keystore_password
- ssl_keystore_type
- ssl_keystore_key_password
- ssl_truststore_path
- ssl_truststore_password
- ssl_truststore_type