You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, the sensitive option is not available for the template declarations which create the SSL certs. The end result is that the keys, including private, are printed to standard out during the chef run. As an improvement to security, the sensitive option should be enabled and set to true by default for this template resource.
An example of a potential scenario could be where someone is logging output of the chef runs to a file, which is then read by Logstash and indexed in ElasticSearch. Consequently, anyone who would have read access to this data via Kibana would be able to easily obtain the certificates.
The text was updated successfully, but these errors were encountered:
Currently, the sensitive option is not available for the template declarations which create the SSL certs. The end result is that the keys, including private, are printed to standard out during the chef run. As an improvement to security, the sensitive option should be enabled and set to true by default for this template resource.
An example of a potential scenario could be where someone is logging output of the chef runs to a file, which is then read by Logstash and indexed in ElasticSearch. Consequently, anyone who would have read access to this data via Kibana would be able to easily obtain the certificates.
The text was updated successfully, but these errors were encountered: