[DOCS] Clarify keystore format in breaking changes 7.0 #43835
Comments
|
Pinging @elastic/es-docs |
rjernst
pushed a commit
that referenced
this issue
Aug 17, 2019
The elasticsearch keystore was originally backed by a PKCS#12 keystore, which had several limitations. To overcome some of these limitations in encoding, the setting names existing within the keystore were limited to lowercase alphanumberic (with underscore). Now that the keystore is backed by an encrypted blob, this restriction is no longer relevant. This commit relaxes that restriction by allowing uppercase ascii characters as well. closes #43835
rjernst
pushed a commit
that referenced
this issue
Aug 17, 2019
The elasticsearch keystore was originally backed by a PKCS#12 keystore, which had several limitations. To overcome some of these limitations in encoding, the setting names existing within the keystore were limited to lowercase alphanumberic (with underscore). Now that the keystore is backed by an encrypted blob, this restriction is no longer relevant. This commit relaxes that restriction by allowing uppercase ascii characters as well. closes #43835
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Reading breaking changes it is clear we have to use keystore.
It would be good to add clarification regarding keystore format.
Before 7.0 we could have setting in elasticsearch.yml
xpack.notification.pagerduty.account.TEST.service_api_keyIn 7.0 we will need
xpack.notification.pagerduty.account.TEST.secure_service_api_keyHowever this format is not valid when adding to keystore (bin/elasticsearch-keystore add xpack.notification.pagerduty.account.TEST.secure_service_api_key) we get:
ERROR: Setting name [xpack.notification.pagerduty.account.TEST.secure_service_api_key] does not match the allowed setting name pattern [[a-z0-9_\-.]+]In this case account format in elasticsearch.yml will have to change as well.
The text was updated successfully, but these errors were encountered: