Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Allow the keystore to be password protected #32691
Now that we have a keystore we need to add the ability to encrypt it with a secret. Ideally when a node starts up a secret must be passed in somehow.
Some questions we need to answer
This was referenced
Aug 7, 2018
I can answer the easy one:
As it stands the reload-secure-store API has a request body param that is used to convey the password, or the vault token, for that matter, to some node which will then broadcast it to the full cluster, during reloading. The password/token is never stored, and it is not obfuscated at any step.
A few thoughts from a discussion in the @elastic/es-core-infra team meeting:
We should require HTTPS to be able to specify a password in the reload settings API. How exactly we do this is open to discussion, but we think that we should remove the ability to specify a password on the current reload settings API, and add a new API that allows specifying a password, and this API will require HTTPS. The idea here is that we want to avoid plaintext transmission of passwords.
We see this question as completely orthogonal to adding password support to the keystore.
We should fail the node.