New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove automatic private key/certificate generation #2355

Merged
merged 5 commits into from Jul 1, 2016

Conversation

Projects
None yet
2 participants
@joschi
Contributor

joschi commented Jun 15, 2016

This PR removes the automatic generation of a private key/certificate pair if TLS (HTTPS) support was enabled but the private key and/or the certificate are missing or aren't readable.

Unfortunately that feature is broken beyond repair:

  • The generated private keys and certificates are using a key size of 1024 bits (RSA), which is ridiculous nowadays (2048 bits is minimum, 4096 bits is recommended).
  • The generated private keys and certificates are using the host names from rest_listen_uri/web_listen_uri which breaks down if those aren't the exposed names (e. g. if rest_transport_uri or web_endpoint_uri is being used).
  • The internal communication between Graylog nodes via HTTPS through the Graylog REST API breaks down, because the generated certificates aren't trusted and the HTTP client refuses to speak to untrusted servers.

And most important: People relied on those generated weak certificates for their production systems.

I think it's best to remove this mis-feature altogether and force people to at least think about which level of security they want.

@bernd

This comment has been minimized.

Member

bernd commented Jul 1, 2016

Please document the upgrade path for users that currently use this feature in UPGRADING.rst. Thanks!

@bernd

This comment has been minimized.

Member

bernd commented Jul 1, 2016

LGTM 👍

@bernd

This comment has been minimized.

Member

bernd commented Jul 1, 2016

@joschi Please rebase and push again, thanks. I just wanted to press the merge button and it turned grey. 😄

@joschi joschi force-pushed the remove-certificate-generation branch from 7ea8055 to e94b2cc Jul 1, 2016

@bernd bernd merged commit 190349e into master Jul 1, 2016

4 checks passed

ci-server-integration Jenkins build graylog2-server-integration-pr 1047 has succeeded
Details
ci-web-linter Jenkins build graylog-pr-linter-check 533 has succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@bernd bernd deleted the remove-certificate-generation branch Jul 1, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment