Standardize and add SSL settings #185
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
edmocosta
changed the title
andsel
requested changes
Mar 9, 2023
Contributor
andsel
left a comment
andsel
left a comment
There was a problem hiding this comment.
Left some comments, for your evaluation
andsel
requested changes
Mar 10, 2023
Contributor
andsel
left a comment
andsel
left a comment
There was a problem hiding this comment.
We are almost at the finish just a style nitpick
edmocosta
force-pushed
the
standardize_ssl_settings
branch
from
36a2a6b to
4f291fa
Compare
Contributor
Author
Thank you again for reviewing it, @andsel. I've addressed your suggestions plus the suggestion #1 and suggestion #2 made on the output plugin. |
karenzone
reviewed
Mar 21, 2023
|
|
||
| [id="plugins-{type}s-{plugin}-deprecated-options"] | ||
| ==== Elasticsearch Input deprecated configuration options | ||
|
|
Contributor
There was a problem hiding this comment.
This is a departure from the standard approach we've used for deprecated options in other plugins. For example, https://www.elastic.co/guide/en/logstash/current/plugins-inputs-beats.html#plugins-inputs-beats-options.
This approach is cleaner, but not as discoverable for users with older configs.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What this PR does?
Added the following SSL settings:
ssl_enabled: Enable/disable the SSL settings. Infer the value from the hosts' scheme if neither the deprecate :ssl nor the new :ssl_enabled configs were setssl_certificate: OpenSSL-style X.509 certificate file to authenticate the clientssl_key: OpenSSL-style RSA private key that corresponds to thessl_certificatessl_truststore_path: he JKS truststore to validate the server's certificatessl_truststore_type: The format of the truststore filessl_truststore_password: The truststore passwordssl_keystore_path: The keystore used to present a certificate to the serverssl_keystore_type: The format of the keystore filessl_keystore_password: The keystore passwordssl_cipher_suites: The list of cipher suites to usessl_supported_protocols: Supported protocols with versionsReviewed and deprecated SSL settings to comply with Logstash's naming convention
sslin favor ofssl_enabled:ca_filein favor ofssl_certificate_authoritiesssl_certificate_verificationin favor ofssl_verification_modeThe behavior standardization across plugins, such as the accepted certificate formats, default values, etc will be tackled in future PRs.
Closes elastic/logstash#14922
Closes #96
Closes #71
Closes #42
Closes #115