Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix logging of matching CA certificate #130

Merged
merged 1 commit into from
Jun 8, 2023
Merged

Fix logging of matching CA certificate #130

merged 1 commit into from
Jun 8, 2023

Conversation

jsoriano
Copy link
Member

@jsoriano jsoriano commented Jun 8, 2023

What does this PR do?

When the 'ca_trusted_fingerprint' matches one of the certificates provided, log success only if the matching certificate is actually a CA, otherwise log that the matching certificate is not a CA.

With current code you can find contradictory logs if the matching log is not a CA:

CA certificate matching 'ca_trusted_fingerprint' found, adding it to 'certificate_authorities'
no CA certificate matching the fingerprint

With the changes here, on the same situation this will be logged:

Certificate matching 'ca_trusted_fingerprint' found, but is not a CA certificate
no CA certificate matching the fingerprint

Why is it important?

To avoid confusion due to the contradictory logs.

Checklist

  • My code follows the style guidelines of this project
  • I have commented my code, particularly in hard-to-understand areas
  • I have added tests that prove my fix is effective or that my feature works (there were tests covering this part).
  • I have added an entry in CHANGELOG.md

@jsoriano
Fix logging of matching CA certificate
b601082 
When the 'ca_trusted_fingerprint' matches one of the certificates
provided, log success only if the matching certificate is actually a CA,
otherwise log that the matching certificate is not a CA.
@jsoriano jsoriano added the bug Something isn't working label Jun 8, 2023
@jsoriano jsoriano requested a review from a team as a code owner June 8, 2023 09:15
@jsoriano jsoriano self-assigned this Jun 8, 2023
@jsoriano jsoriano requested review from pierrehilbert and fearful-symmetry and removed request for a team June 8, 2023 09:15
@elasticmachine
Copy link
Collaborator

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS
Pipeline View Test View Changes Artifacts preview preview

Expand to view the summary

Build stats

  • Start Time: 2023-06-08T09:15:26.036+0000

  • Duration: 8 min 19 sec

Test stats 🧪

Test Results
Failed 0
Passed 787
Skipped 11
Total 798

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

pierrehilbert
pierrehilbert approved these changes Jun 8, 2023
View reviewed changes
Copy link

@pierrehilbert pierrehilbert left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@jsoriano jsoriano merged commit 75c63f0 into elastic:main Jun 8, 2023
5 checks passed
@jsoriano jsoriano deleted the tls-ca-trusted-fingerprint-not-ca branch June 8, 2023 18:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pierrehilbert pierrehilbert pierrehilbert approved these changes

@fearful-symmetry fearful-symmetry Awaiting requested review from fearful-symmetry fearful-symmetry is a code owner automatically assigned from elastic/elastic-agent-data-plane

Assignees

@jsoriano jsoriano

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jsoriano @elasticmachine @pierrehilbert